Cybersecurity Gaps Plague US State Department, GAO Report Warns


The US Department of State must fully implement its cybersecurity risk program and take additional steps to better protect its IT network and systems, a 92-page report by the General Accounting Office (GAO) warns.

The State Department has completed the authorization process for less than half (44%) its nearly 500 information systems, and has yet to implement a department-wide continuous monitoring system.

On the positive side, the department has identified risk management roles and responsibilities and developed a cyber risk management strategy.