Jan 14 2016

GAO: 42 Percent of Cybersecurity Recommendations Are Unaddressed

Fully 58 percent of the GAO’s IT-related recommendations have been put into place, compared with 80 percent of its recommendations overall, on average.

The Government Accountability Office (GAO) says that federal agencies are implementing its IT-related recommendations at a lower rate than other GAO recommendations, on average.

In a Jan. 7 post on the GAO’s WatchBlog, the investigative arm of Congress reported that, since 2010, it has "made around 2,000 recommendations to improve federal cybersecurity, but about 840 of recommendations remain open," for a completion rate of 58 percent.

In contrast, the GAO said that it “averaged 1,800 recommendations a year with an average 80% implementation rate between fiscal years 2010-2015.”

Whenever the GAO issues an investigative report, it adds recommendations for actions that a particular department should take in order to fix the issues the report uncovered.

Falling Down on Cybersecurity Recommendations

In the blog post, the GAO noted that it “recommended that the Office of Management and Budget address agency cyber incident response practices in its oversight of agency information security programs.”

That refers to an April 2014 report that had 28 recommendations for a variety of federal agencies and departments, including the Department of Energy, the Department of Homeland Security, the Department of Justice and the Department of Veterans Affairs. Of the 28 recommendations, 23 remain open.

“Implementing this and other outstanding recommendations could better protect federal data and federal agencies’ responses to cyberattacks and data breaches,” the GAO said in the blog post.

Overall, the GAO said, “[A]s of November 12, 2015, there were about 4,800 open recommendations and matters for congressional consideration for the 24 largest federal departments and agencies.” The agency said that if federal agencies put GAO recommendations into place, “they could result in significant benefits across the federal government.”

Those benefits include increased savings and revenue for the federal government as well as enhanced public services. According to the GAO, “in fiscal year 2015 alone, our work resulted in $74.7 billion in savings — a return of about $134 for every $1 invested in us.”

“Our recommendations provide a significant opportunity to improve the government’s fiscal position, better serve the public, and make government programs more efficient and effective,” Comptroller General Gene Dodaro testified Dec. 10 in a hearing of the House Subcommittee on Regulatory Affairs and Federal Management, Federal Times reported. “We will continue to work with Congress to monitor and draw attention to these important issues.”