Saturday, January 15, 2022

GAO Reports – Cybersecurity Response

This week, the GAO published a report on the federal government response to the nearly concurrent SolarWinds attack and organized exploits of the Microsoft Exchange vulnerabilities. This report looks at those response activities and outlines three National Security Council recommendations for improving responses to future cyberattack. An appendix provides separate timelines for the response to both incidents.

The accompanying highlight document identifies four lessons learned by responding agencies:

• Coordinating with the private sector led to greater efficiencies in agency incident response efforts,

• Providing a centralized forum for interagency and private sector discussions led to improved coordination among agencies and with the private sector,

• Sharing of information among agencies was often slow, difficult, and time consuming, and

• Collecting evidence was limited due to varying levels of data preservation at agencies.

The GAO reports that the NSC identified three areas that the government could take to take to prevent and improve the response to future incidents (pg 36):

• Align technology investments with operational priorities. The review identified that the federal government should invest resources to increase its capabilities to identify, detect, protect, and respond to significant cybersecurity incidents.

• Improve public-private engagement. The federal government should improve its coordination and information sharing with the private sector.

• Improve threat intelligence acquisition, sharing, and use among federal agencies. The federal government should improve information sharing with its partners.

No comments:

/* Use this with templates/template-twocol.html */