GAO Calls on Federal Agencies to Enhance Breach Response

In a report published on April 2nd, the Government Accountability Office (GAO) found that “the number of reported information security incidents involving personally identifiable information (PII) has more than doubled over the last several years” and offers 22 recommendations for federal agencies, including that “OMB update its guidance on federal agencies' responses to PII-related data breaches.”

The report, “Information Security: Federal Agencies Need to Enhance Responses to Data Breaches,” noted that “agencies have had mixed results in addressing the eight components of an information security program called for by law, and most agencies had weaknesses in implementing specific security controls.”