The U.S. Government Accountability Office ("GAO") urged federal action to address challenges to critical cybersecurity infrastructure.

In a report, GAO evaluated the federal government's cybersecurity infrastructure and highlighted the need to: (i) establish a comprehensive cybersecurity strategy and perform effective oversight; (ii) secure federal systems and information; (iii) protect cyber critical infrastructure; and (iv) protect privacy and sensitive data.

To address these issues, GAO is recommending, among others:

  • Developing and executing a more comprehensive cyber strategy - beyond the current White House effort - including the establishment of end goals and determining the required resources to achieve them. GAO recommends that the National Security Council upgrade their existing strategy and urges Congress to pass legislation that would designate a White House executive to lead the effort;
  • Strengthening the Cybersecurity Infrastructure Security Agency (CISA) position in protecting critical cybersecurity infrastructure, including finalizing the agency's mission-essential functions and encouraging consistent stakeholder involvement in the development of relevant guidance.

Since 2010, GAO has made approximately 3,700 recommendations related to the nation's cybersecurity efforts, of which about 2,800 have been implemented as of November 2021.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.