Federal agencies and our country’s critical infrastructure, such as energy, transportation systems, communications, and financial services, depend on computer systems to conduct their operations and process essential data. The security of these systems and data is vital to protecting individual privacy and national security.
However, the risks to IT systems are increasing – in particular, malicious actors are increasingly willing and able to carry out cyberattacks. Additionally, there has been an increase in most types of cyberattacks in the United States, and the cost of these attacks is also increasing.
The most common types of cybersecurity incidents in the United States
Dollars in millions
Additionally, because many government computer systems contain large amounts of personally identifiable information (PII), federal agencies must protect the confidentiality, integrity, and availability of this information and respond effectively to data breaches and security incidents. Likewise, the tendency of the private sector to collect detailed and detailed information about individuals requires appropriate limits.
To underscore the importance of these issues, GAO has designated information security as a government-wide high-risk area. since 1997. This high-risk area has been expanded in 2003 include the protection of critical cyber infrastructure and, in 2015to include PII privacy protection.
Ten Critical Actions Needed to Address Four Major Cybersecurity Challenges
The GAO has made more than 4,000 recommendations to federal agencies to address cybersecurity gaps. However, over 880 of these had not been fully implemented as of December 2022. Of these, we have designated 134 as priority recommendations, meaning that we believe they deserve priority attention from the heads of key departments and agencies. Until these deficiencies are corrected, federal IT and critical infrastructure systems will be increasingly vulnerable to cyber threats.
To learn more about GAO’s reports and recommendations, see the Key Reports tab below.
