Skip to Content

GAO: US Department of Defense Needs to Improve Cyber Incident Reporting and Sharing

The US Government Accountability Office (GAO) says that the Department of Defense (DoD) needs to do a better job of reporting and sharing information about cybersecurity incidents. While DoD has taken steps that have reduced the number of cyber incidents it experiences, the agency “hasn’t fully implemented its processes for managing cyber incident, doesn’t have complete data on cyber incidents that staff report, and doesn’t document whether it notifies individuals whose personal data is compromised in a cyber incident.”

Note

  • The trend of DOD incidents in the GAO report indicates things are heading in the right direction overall, this is about completing initiatives designed to properly collect/report and act on that information. When collecting incident information make sure that you have all the relevant information. Review the collection process to make sure it’s still adequate. Then make sure you know what gets reported on what timeline. Verify that those reporting lines are not only functional but also include appropriate data handling to ensure that appropriate confidentiality and integrity is maintained. Make sure that projects needed to support these efforts complete. Some may need reassignment to achieve success.

Read more in

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that\'s committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we haven\'t implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you\'re currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.