EPA Sets Deadline for Comprehensive Cybersecurity Risk Assessments

The agency responds to GAO feedback with improved procedures and performance metrics to support cyber defenses.

The Environmental Protection Agency (EPA) is set to establish a comprehensive process for organization-wide cybersecurity risk assessments in the coming months in response to negative feedback from a 2019 Government Accountability Office (GAO) report. The agency followed the GAO’s recommendations to support the agency’s defenses against increased cyber threats by adopting a risk-based approach. The process is on track to be finalized by November 22.

“The procedures also include activities to consolidate the various cybersecurity dashboards into one overall dashboard that provides an executive level view of EPA’s risk posture,” an EPA spokesperson stated.

The EPA has updated its cybersecurity risk management strategy and is revising internal procedures to enhance ongoing risk assessment activities, such as logging maturity, authentication, vulnerability remediation, and a modified risk-scoring system. The EPA has also issued alerts to water utilities about rising threats and formed a task force to defend against cyberattacks on the water sector.

As the Lord Leads, Pray with Us…

  • For EPA Administrator Michael Regan and members of the agency as they implement the GAO’s recommendations for greater cybersecurity.
  • For wisdom for U.S. cyber security officials as they seek to resolve vulnerabilities in U.S. infrastructure.

Sources: FedScoop, JD Supra

RECENT PRAYER UPDATES


Back to top
FE3