Federal agencies must do a better job of securing Internet-connected devices, among other cybersecurity measures, the US Government Accountability Office said in a report published Thursday.
The GAO said that while it has made about 335 recommendations in public reports since 2010 about federal agencies’ and the nation’s critical infrastructure technology systems, about 190 of them had not been fully implemented as of December.
“Federal agencies rely heavily on information and communications technology products and services to carry out their operations,” but “are exposed to many risks in the ICT supply chain, including threats from counterfeiters who can exploit supply chain vulnerabilities,”; it said the report.
Among other specific findings, the report said the Office of Management and Budget and the Department of Homeland Security “have partially addressed most of the key practices associated with effective reforms,” but have not established a dedicated implementation team or a government-wide implementation plan, among other things.
The report also said that quantum computing could potentially create major cybersecurity risks, and federal regulatory considerations must evolve as artificial intelligence technologies evolve.