Federal Agencies Still Have Work to do to Protect Against Cyberthreats
From 2015 to 2018, GAO set about releasing a set of roughly 1400 recommendations on how federal agencies could strengthen their information technology (IT) systems against cyber-attacks. However, GAO notes that as of May 2019, 500 of these recommendations have yet to be implemented.
“IT systems are often riddled with security vulnerabilities,” auditors wrote in the report. “These vulnerabilities can facilitate security incidents and cyberattacks that disrupt critical operations; lead to inappropriate access to and disclosure, modification, or destruction of sensitive information; and threaten national security, economic well-being, and public health and safety.”
From 2009 through 2015, cyber-attacks against federal government IT systems increased by 157 percent. In 2018 alone federal agencies reported more than 31,000 cyber incidents against their systems. These attacks came through a variety of vectors such as web-based attacks, phishing attacks, and physical theft of computer equipment
To view the report in full, click here: https://www.gao.gov/assets/710/700588.pdf