GAO: DHS and Other Agencies Need to Fully Implement Key Cloud Security Practices

The Government Accountability Office (GAO) has looked at how four agencies implemented key cloud security practices, like having a plan to respond to incidents. While the agencies implemented some of the security practices, GAO found that none of them fully implemented all of the practices for their systems.

Cloud services—on-demand access to shared resources such as networks, servers, and data storage—can help federal agencies deliver better IT services for less money. But without effective security measures, these services can make agencies vulnerable to risks such as cyber attacks.

In January 2022, the Office of Management and Budget released its memorandum on Moving the U.S. Government Toward Zero Trust Cybersecurity Principles, which required agencies to meet specific cybersecurity standards and objectives by the end of fiscal year 2024.

Read more: Homeland Security Today