GAO report finds DOD’s weapons programs lack clear cybersecurity guidelines


In a new report released Thursday, the U.S. Government Accountability Office (GAO) said the Department of Defense fails to communicate clear cybersecurity guidelines to contractors tasked with building systems for its weapons programs.

As part of its so called congressional watchdog duties, the GAO found that Defense Department weapons programs are failing to consistently incorporate cybersecurity requirements into contract language.

For instance, three out of five contracts reviewed by the GAO had no cybersecurity requirements written into the contract language when they were awarded, with only vague requirements added later. And out of the four military service branches, only the Air Force has a record of issuing service-wide guidance on cybersecurity requirements in contracts.

Read more…
Source: ZDNet