US Treasury lacks cyber defense strategy to protect own systems, watchdog says

30 July 2019 9:51pm
The US Department of the Treasury, which helps coordinate financial-sector preparations for a cyberattack, hasn’t developed policies to secure its own systems or the capability to assess cyber risks it faces, the US Government Accountability Office said.

Shortcomings at Treasury and more than a dozen other federal agencies can be traced in part to lack of guidance from the White House Office of Management and Budget and the US Department of Homeland Security, the nonpartisan congressional watchdog’s report said.

“The risks to IT systems supporting the federal government and the nation’s critical infrastructure are increasing as security threats continue to evolve and become more sophisticated,” the 119-page report released last week said. “Without additional guidance or assistance [from OMB and DHS] to mitigate these challenges, agencies will likely continue to be hindered in managing cybersecurity risks.”