"GAO Calls for Action to Protect Cybersecurity of Critical Energy, Communications Networks"
A new US Government Accountability Office (GAO) assessment of the nation's critical infrastructure cybersecurity recommends a more robust role for the federal government in protecting Industrial Control Systems (ICS), especially those that operate the nation's energy grid and communications networks. In its report, the GAO pointed out that the US Department of Energy's (DOE) cybersecurity plan did not address vulnerabilities in the distribution systems of individual energy grids. The GAO suggested that, when establishing plans to implement the national cybersecurity strategy for the grid, DOE works with the Department of Homeland Security (DHS), states, and industry to more comprehensively address cyberattack risks to the grid's distribution systems. In addition, the Cybersecurity and Infrastructure Agency (CISA) is urged by the GAO report to improve cooperation and incident management across all levels of government in order to protect against ransomware threats. This article continues to discuss the top recommendations in the new GAO cybersecurity assessment.