Since coming into office two years ago, the Biden Administration has made the cyber defenses of US government agencies – as well as the private sector – a key focus.
However, the US Government Accountability Office (GAO) – Congress' auditing and investigative arm – says that since 2010, it has made about 335 cybersecurity recommendations, but that almost 60 percent of those have not been implemented by the end of 2022.
At a time when increasingly sophisticated cyberthreats against the government are growing, not following through on about 190 of those recommendations could have significant ramifications, the agency said in a report this month, the first of four it plans to roll out to highlight the primary cybersecurity areas the federal government needs to address.
This first one focuses on a strategy and oversight. "Until these are fully implemented, federal agencies will be more limited in their ability to protect private and sensitive data entrusted to them," the GAO wrote in the report.