CISA Must Fully Organize to Prevent Cyberattacks: GAO
The Cybersecurity and Infrastructure Security Agency in the Department of Homeland Security must fully complete Congress-mandated organizational planning to effectively “identify and respond to cybersecurity incidents” like the Russia-linked SolarWinds hack (see 2012170050), GAO reported Wednesday. Senate Intelligence Committee Chairman…
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
Mark Warner, D-Va., and others are drafting a cyber hack reporting measure (see 2103040066). CISA “completed the first two of three phases of its organizational transformation initiative” before Congress’ December deadline but had completed only “about a third of the tasks planned for the final phase” by then, GAO said. Tasks not completed include “finalizing the mission-essential functions of CISA's divisions and issuing a memorandum defining incident management roles and responsibilities across CISA. Tasks such as these appear to be critical to CISA's transformation initiative and accordingly its ability to effectively and efficiently carry out its cyber protection mission.” DHS agreed with GAO’s assessment of CISA’s progress but didn’t fully specify its plans for completing its organizational efforts, the office said.