US federal watchdog agency outlines key measures for better protecting sensitive data under the federal government's control.
The most recent in a series of US Government Accountability Office (GAO) reports on the state of cybersecurity across the federal government makes specific recommendations about the collection, use, and sharing of personally identifiable information (PII).
In a Feb. 14 report, the GAO recommended improving the protection of private data, particularly information collected in retirement plans.
Besides the cybersecurity of stored data, the report calls on agencies to establish data privacy policies and procedures that include record-keeping that identifies the types of personal data collected, regular privacy impact reviews, and the coordination of these data privacy functions across the agency.
The latest GAO cybersecurity assessment points out, as it has in previous reports, that agencies have been slow to adopt its recommendations.
"We have made 236 recommendations in public reports since 2010 with respect to protecting cyber critical infrastructure," the GAO added in its report. "Until these are fully implemented, federal agencies will be more limited in their ability to protect private and sensitive data entrusted to them."
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024