GAO Report: Pentagon Needs to Improve Cyber Incident Reporting and Sharing
The Government Accountability Office said the Department of Defense needs to take additional steps to ensure that cyber incidents are properly reported and shared.
According to a GAO report, the Pentagon has not yet fully implemented its processes for managing cyber incidents, does not have complete data on reports and does not document whether it notifies individuals whose personal data have been compromised. The oversight body noted that the DOD has taken some steps to combat cyberattacks.
GAO attributed the lapses in the DOD's reporting practice to the failure to assign an organization to oversee proper reporting and guidance compliance. The oversight body said the Pentagon could not gain an accurate picture of its cybersecurity posture until such authority is established.
According to GAO, the Defense Department has not yet decided whether defense industrial base (DIB) cyber incidents detected by cybersecurity service providers should be shared with relevant stakeholders. GAO said the Pentagon might miss opportunities to identify threats and address weaknesses as long as a decision on information sharing is not made.
GAO offered six recommendations to help the Pentagon improve its threat information reporting and sharing. These include assigning responsibility for reporting oversight, aligning policy and system requirements to create enterprise-wide visibility of cyber incident reporting, and including detailed procedures for notifying key personnel on cyber reporting.
The Defense Department concurred with the recommendations.