DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Cybersecurity: Federal Agencies Made Progress, but Need to Fully Implement Incident Response Requirements (GAO Report)

Posted on December 6, 2023 by Dissent

GAO-24-105658
Published: Dec 04, 2023.
Publicly Released: Dec 04, 2023.

Fast Facts

Federal agencies have made progress in preparing for and responding to cyber threats. For instance, agencies have improved their ability to detect, analyze, and handle incidents like ransomware attacks and data breaches.

However, some agencies have not met the federal requirements for event logging—i.e., ensuring that cybersecurity incidents are tracked and that these tracking logs are appropriately retained and managed.

Information from federal IT logs is invaluable in the detection, investigation, and remediation of cyberthreats. We recommended that federal agencies fully implement requirements to log cybersecurity events, and more.

What GAO Found

Federal agencies rely upon the following for cybersecurity incident response:

    • tools, such as endpoint detection and response solutions;
    • services, such as threat hunting or cyber threat intelligence provided by the Cybersecurity and Infrastructure Security Agency (CISA) and third party firms; and
    • resources, such as skilled staff and funding.

The 23 civilian Chief Financial Officers (CFO) Act of 1990 agencies have made progress in cybersecurity incident response preparedness by taking steps to standardize their incident response plans and demonstrating improvement in their capabilities for incident detection, analysis, and handling (see table).

Read the full report:

Highlights Page (1 page)
 Full Report (79 pages)

 

 

Related posts:

  • The President Ordered a Board to Probe a Massive Russian Cyberattack. It Never Did.
  • CYBERSECURITY: DHS Needs to Enhance Efforts to Improve and Promote the Security of Federal and Private-Sector Networks
Category: Commentaries and AnalysesFederalOf Note

Post navigation

← Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers
Millions of patient scans and health records spilling online thanks to decades-old protocol bug →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Armenian National Extradited to the United States Faces Federal Charges for Ransomware Extortion Conspiracy
  • 70% of healthcare cyberattacks result in delayed patient care, report finds
  • Police disrupt “Diskstation” ransomware gang attacking NAS devices
  • Meta fixes bug that could leak users’ AI prompts and generated content
  • Mississippi Law Firm Sues Cyber Insurer Over Coverage for Scam
  • Ukrainian Hackers Wipe 47TB of Data from Top Russian Military Drone Supplier
  • Computer Whiz Gets Suspended Sentence over 2019 Revenue Agency Data Breach
  • Ministry of Defence data breach timeline
  • Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
  • Ransomware in Italy, strike at the Diskstation gang: hacker group leader arrested in Milan

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Upstate NY county clerk again refuses to enforce Texas abortion judgment
  • Attorney General James Leads Coalition Urging Congress to Protect Americans from Masked ICE Agents
  • Attorney General Tong Announces $85,000 Settlement with TicketNetwork for Violations of the Connecticut Data Privacy Act​
  • Fourth Circuit upholds West Virginia ban on abortion pills
  • Meta fixes bug that could leak users’ AI prompts and generated content
  • The EU’s Plan To Ban Private Messaging Could Have a Global Impact (Plus: What To Do About It)
  • A Balancing Act: Privacy Issues And Responding to A Federal Subpoena Investigating Transgender Care

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.