Saturday, December 3, 2022

GAO Reports – Week of 11-26-22 – Cybersecurity

This week the Government Accountability Office published one report on cybersecurity; “Critical Infrastructure: Actions Needed to Better Secure Internet-Connected Devices”. The report focuses on critical infrastructure oversight of IoT and OT cybersecurity at three federal agencies: DOE, HHS and TSA. The report includes nine recommendations, mainly dealing with specifically including IoT and OT technology in cyber risk assessments and including cybersecurity metrics in the respective sector specific plans.

Highlight Page .pdf -


It is interesting that GAO overlooked the longest running federal security program that includes oversight of critical infrastructure cybersecurity; the Chemical Facility Anti-Terrorism Standards (CFATS) program. Many of the recommendations could be applied to that program as well.

No comments:

/* Use this with templates/template-twocol.html */