A new report from the Government Accountability Office (GAO) is calling on Federal agencies to better protect critical infrastructure sectors by conducting Internet of Things (IoT) and operational technology (OT) risk assessments, as well as developing better metrics to assess their existing IoT and OT efforts.
The government watchdog agency analyzed government agencies with leadership in three critical infrastructure sectors: energy, healthcare and public health, and transportation systems. While the agencies have taken some initiatives to manage the cybersecurity risks posed by IoT and OT devices and systems, GAO said they’ve not assessed risks to the sectors as a whole…
GAO made eight recommendations, including for OMB to quickly establish the required IoT cybersecurity waiver process. Additionally, GAO is recommending the other lead agencies establish and use metrics to assess the effectiveness of sector IoT and OT cybersecurity efforts, as well as evaluate sector IoT and OT cybersecurity risks… Read the full article here.
