GAO’s reports and testimonies give Congress, federal agencies, and the public timely, fact-based, non-partisan information that can improve government operations and save taxpayers billions of dollars.
The U.S. Postal Service has over 31,000 retail facilities—a network reaching into almost every community in the nation. As demand for some mail products has declined, USPS has been unable to cover its costs as it is required to do—putting it on our High Risk list.
Q: How does the government help keep banks, water systems, and other critical infrastructure from getting hacked?
A: A federal agency that issues standards and procedures—NIST—has a cybersecurity framework that critical infrastructure organizations can adopt.
Federal agencies are increasingly using cloud computing services. Cloud computing offers benefits but also poses cybersecurity risks. OMB requires agencies to use the Federal Risk and Authorization Management Program to authorize their use of cloud services.
What GAO Found Most of the 16 critical infrastructure sectors took action to facilitate adoption of the National Institute of Standards and Technology's (NIST) Framework for Improving Critical Infrastructure Cybersecurity by entities within their sectors.
What GAO FoundThe selected federal agencies have made progress implementing the Office of Management and Budgets (OMB) Cloud First policy. Consistent with this policy, each of the seven agencies incorporated cloud computing requirements into their policies and processes.