Nextgov: Cybersecurity and IT Remain Top Concerns on GAO’s High-Risk List

“The Government Accountability Office released its biennial list of high-risk government programs. Federal IT and cybersecurity issues remained on the list, with the latter getting worse since the last report.

‘Our overall conclusion is that there’s been limited progress in the majority of the high-risk areas,’ Comptroller General Gene Dodaro, who leads GAO, said Tuesday in a House Oversight and Reform hearing…”

“While 2020 was a tough year for federal cybersecurity—from relatively minor breaches to one of the largest hacking campaigns in history—government efforts remained steady for four out of five metrics. Cybersecurity efforts stayed flat at ‘partially met’ for demonstrated progress, monitoring, action plan and capacity.

However, GAO docked the previous administration under ‘leadership commitment,’ citing the ‘elimination of the White House cybersecurity coordinator position in May 2018.’ That metric fell from ‘met’ to ‘partially met.’…”

“‘In our report, we talk about the weaknesses in the IT supply chain, which was one of the problems that led to the SolarWinds attack,’ Dodaro said, putting IT supply chain on the same level as leadership issues. ‘We made 145 recommendations to agencies to implement better practices to manage their IT supply chains—that goes to the heart of the SolarWinds incident.’…”

“While IT supply chain is a significant cybersecurity issue, acquisition of new technologies and maintenance of expensive, aging legacy systems continues to be its own category on the list…”

“’Of the 10 agencies responsible for these legacy systems, seven agencies had documented plans for modernizing the systems,’ the report states. ‘However, most lacked the key elements identified in best practices—milestones, a description of the work necessary to complete the modernization and a plan for the disposition of the legacy system. The remaining three agencies did not have documented modernization plans.’…” Read the full article here.

Source: Cybersecurity and IT Remain Top Concerns on GAO’s High-Risk List – By Aaron Boyd, March 2, 2021. Nextgov.


This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 1 month, 2 weeks ago.

  • Author
  • #120802

    Replies viewable by members only


You must be logged in to reply to this topic.


Questions?. Send us an email and we'll get back to you, asap.


©2021 MileMarker10, LLC all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?