“The Department of Health and Human Services (HHS) still needs to address a pair of open cybersecurity priority recommendations related to cybersecurity coordination and implementation of a cybersecurity framework, according to a new report by the Government Accountability Organization (GAO).”
“GAO reported those open recommendations as part of a larger set of 56 open priority recommendations. Of those, 51 remain open from a May 2021 GAO report, plus five new priority recommendations that GAO added in its latest report.”
“In the new report, GAO said HHS did complete action on a pair of recommendations that address and improve the agency’s cyber risk management.”
“’The Federal government exchanges a large variety of sensitive information with states to implement key federal and state programs,’ GAO said. ‘Recent high profile cyberattacks targeting the public and private sectors highlight the urgent need to address cybersecurity weaknesses.'”
“’We have identified two priority recommendations in this area that call for working with sector partners to determine cybersecurity framework adoption and revising assessment policies to maximize coordination,’ the report continues. ‘If implemented, these recommendations would improve HHS’s ability to address cyber-related risks…'” Read the full article here.
Source: GAO: HHS Still Facing Open High-Priority Cyber Fix Recommendations – By Lamar Johnson, June 3, 2022. MeriTalk.
