In a new report published by the Government Accountability Office (GAO), 20 US federal agencies have failed to meet the deadline to implement advanced level cyber event logging and incident response capabilities required by law.
According to a 2021 Executive Order, all US federal agencies needed reach event logging tier three by August 2023. Currently, only 3 of the 23 agencies were at tier three, 3 agencies had reached the tier one level and 17 had not gone past the tier zero level.
“Until the agencies implement all event logging requirements, the federal government’s ability to fully detect, investigate, and remediate cyber threats will be constrained,” reads the GAO report.
After a recent investigation, the GAO found the critical challenges for agencies included:
- The lack of staff
- Event logging technical challenges
- Limitations in cyber threat information sharing
Efforts to address these challenges include:
- Onsite cyber incident response assistance from CISA
- Event logging workshops and guidance
- Enhancements to a cyber threat information-sharing platform
- Implementation of the National Workforce and Education Strategy
- A new threat intelligence platform from CISA
Emily Phelps, Director, Cyware had this comment:
“The GAO report findings are both concerning and indicative of broader challenges in the cybersecurity landscape, especially within the public sector. There is a critical gap in the government’s cybersecurity posture at a time when the threat landscape is increasingly complex and aggressive. These findings also underscore the urgent need for modernized cybersecurity measures and collaboration.
“The proposed remedies are steps in the right direction, potentially enabling more real-time threat intelligence sharing and collaborative defense. To outpace adversaries, federal entities must have reliable intel sharing and security automation capabilities to defend against potential threats more effectively and efficiently.”
Hopefully someone within government is paying attention to this report as this is a pretty major alarm bell that is ringing.
Like this:
Like Loading...
Related
This entry was posted on December 7, 2023 at 8:12 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
US Agencies Constrained By Failed Incident Response Requirements
In a new report published by the Government Accountability Office (GAO), 20 US federal agencies have failed to meet the deadline to implement advanced level cyber event logging and incident response capabilities required by law.
According to a 2021 Executive Order, all US federal agencies needed reach event logging tier three by August 2023. Currently, only 3 of the 23 agencies were at tier three, 3 agencies had reached the tier one level and 17 had not gone past the tier zero level.
“Until the agencies implement all event logging requirements, the federal government’s ability to fully detect, investigate, and remediate cyber threats will be constrained,” reads the GAO report.
After a recent investigation, the GAO found the critical challenges for agencies included:
Efforts to address these challenges include:
Emily Phelps, Director, Cyware had this comment:
“The GAO report findings are both concerning and indicative of broader challenges in the cybersecurity landscape, especially within the public sector. There is a critical gap in the government’s cybersecurity posture at a time when the threat landscape is increasingly complex and aggressive. These findings also underscore the urgent need for modernized cybersecurity measures and collaboration.
“The proposed remedies are steps in the right direction, potentially enabling more real-time threat intelligence sharing and collaborative defense. To outpace adversaries, federal entities must have reliable intel sharing and security automation capabilities to defend against potential threats more effectively and efficiently.”
Hopefully someone within government is paying attention to this report as this is a pretty major alarm bell that is ringing.
Share this:
Like this:
Related
This entry was posted on December 7, 2023 at 8:12 am and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.