“The Department of Veterans Affairs (VA) is making progress on improving cybersecurity, but with past weaknesses and upcoming modernization efforts, the department needs to address outstanding issues and set a solid security foundation, witnesses testified to the House Veterans Affairs Subcommittee on Technology Modernization on November 14.”
“While VA ranks near the median when it comes to cybersecurity, the department has been slow to close out some recommendations from the agency’s inspector general and the Government Accountability Office (GAO).”
“’In fiscal year 2016, we recommended 74 actions for the department to take to improve its cybersecurity program and remedy known control deficiencies with selected high-impact systems. However, as of October 2019, over 3 years later, VA had implemented only 32 (or 43 percent) of the 74 recommendations,’ noted testimony from GAO. Additionally, VA’s financial reporting system has been identified as a material weakness for the 17th year in a row.”
“The lack of resolved recommendations for GAO reports can be attributed to incomplete documentation, said Greg Wilhausen, director of IT and Cybersecurity at GAO…”
“Members of Congress focused their concerns on the cybersecurity threats to VA’s supply chain, especially on the medical side…” Read the full article here.
Source: VA Cyber Falls Under the Microscope in Congress – November 18, 2019. MeriTalk.
