CISA Must Fully Organize to Prevent Cyberattacks: GAO
The Cybersecurity and Infrastructure Security Agency in the Department of Homeland Security must fully complete Congress-mandated organizational planning to effectively “identify and respond to cybersecurity incidents” like the Russia-linked SolarWinds hack (see 2012170050), GAO reported Wednesday. Senate Intelligence Committee Chairman…
Sign up for a free preview to unlock the rest of this article
If your job depends on informed compliance, you need International Trade Today. Delivered every business day and available any time online, only International Trade Today helps you stay current on the increasingly complex international trade regulatory environment.
Mark Warner, D-Va., and others are drafting a cyber hack reporting measure (see 2103040066). CISA “completed the first two of three phases of its organizational transformation initiative” before Congress’ December deadline but had completed only “about a third of the tasks planned for the final phase” by then, GAO said. Tasks not completed include “finalizing the mission-essential functions of CISA's divisions and issuing a memorandum defining incident management roles and responsibilities across CISA. Tasks such as these appear to be critical to CISA's transformation initiative and accordingly its ability to effectively and efficiently carry out its cyber protection mission.” DHS agreed with GAO’s assessment of CISA’s progress but didn’t fully specify its plans for completing its organizational efforts, the office said.