The Pentagon Has Unimplemented Cyber Recommendations from 2012
A new report from the Office of Inspector General points out longstanding unmet requests.
ADAM MAZMANIAN | FEBRUARY 3, 2023
CYBER PENTAGON C4ISR
The Department of Defense has open cybersecurity recommendations dating back more than 10 years, according to a report compiled by the agency's internal watchdog.
DOD's Office of Inspector General said in a recent report that the agency had 478 open cybersecurity-related recommendations from earlier oversight reports, with some dating to 2012.
The January 2023 report doesn't contain new recommendations, but does round up cybersecurity oversight going back to July 1, 2020, and identifies certain trends in cybersecurity oversight from OIG, the Government Accountability Office and other oversight organizations inside DOD.
One key observation relates to the nature of oversight itself. Oversight relating to the use of the National Institute of Standards and Technology cybersecurity framework skews strongly to just a few of the five pillars of NIST's framework: identify, protect, detect, response and recovery.
https://www.defenseone.com/policy/2023/02/dods-open-cyber-recommendations-date-back-2012/382655/
