According to the US Government’s Accountability Office (GAO), twenty American federal agencies have failed to complete the time limit of implementing the required cyber threat to the required cyber threat reaction capabilities by the law. A new GAO report published this week found that by August this year, only three out of 23 agencies had met the necessary event logging standards, as 2021 Executive Order 14028, Cyber Security incident reaction requirements and the status of completion Was determined by. Under this order, the US Office of Management and Budget (OMB) requires all American federal agencies to reach “Tier Three” to show that cyber security incidents are tracked and logging to the logs It is maintained properly and managed at all important levels.
Goa said that most of the agencies to take steps to standardize the response plans despite progressing in the preparation of their event and to detect the event, analyze and improve the capabilities for handling, just three advanced tier three, only three advanced tier three Has reached the level. Out of the remaining 20, three were at the original (Tier One) level and 17 were not effective (tier zero) level. The report said, “As long as the agencies apply all the event logging requirements, the federal government will be forced to fully detect, investigate and remide cyber threats.” The agencies which have failed to reach Tier Three include the Department of Commerce, State and Justice.
American federal agencies report several cyber security incident reaction challenges challenges
The reports investigating the resources, the federal agencies relieved for the response to the cyber security incident. These are:
- Tools such as endpoint detection and response solutions.
- Services such as cyber space and infrastructure security agency (CISA) and third party firms served services such as hunting or cyber threats intelligence.
- Skilled Staff and Funding.
Agencies described three major challenges, which obstruct their abilities to fully prepare cyber security events: (1) Lack of employees, (2) Event logging technical challenges and (3) Limits in sharing cyber threat information. “Federal institutions have ongoing efforts that can help resolve these challenges. These efforts include the guidance and promotion of the platform to share information on Cyber event response assistance, event logging workshops and a cyber threat information from CISA. ,
In addition, long -term efforts such as the implementation of national workforce and education strategy and a new danger intelligence platform from CISA have been planned to roll their first phase to federal departments and agencies in FY 2024 It is targeted, read the report.
Find out more about the CISO strategies and strategy used in the reaction of the event and how the mentality of the reaction of the event has developed
