WASHINGTON D.C. — A new watchdog report is revealing the federal government still lacks a comprehensive strategy to protect our critical infrastructure against cyber-attacks despite years of calls for recommended changes.
According to the report from the U.S. Government Accountability Office (GAO), the agency has made around 335 public recommendations to improve cybersecurity protections since 2010 but the federal government still has not implemented more than half of those recommendations as of last month.
“Until the federal government fully develops and implements a comprehensive national strategy, it will not have a clear roadmap for overcoming the cyber challenges facing our nation,” the report said.
“Our energy, healthcare and financial systems, they all face cyber risks from malicious actors,” said Marisol Cruz Cain, a Director in the Information Technology and Cybersecurity Team for GAO. “Attacks like these could cause serious harm to people, our environment, national security and most importantly our economy.”
The report points to concerns with a cybersecurity workforce shortage and it said federal agencies need to do a better job of securing internet-connected devices.
“Phones, connected refrigerators, televisions, apps that you have on your phone, and what we’ve been asking the federal government to do is come up with a comprehensive plan as to protect the security of those devices,” said Cruz Cain.
The report said the government is continuing to work on making these recommended changes.
“As of August 2022, according to the Office of the National Cyber Director, the development of a national cybersecurity strategy by the administration is underway,” the report said. “The office noted that it is obtaining feedback on the strategy from many other federal entities, including the National Security Council, on this effort.”
©2023 Cox Media Group