To be fair, 49 of the 55 objectives have been met, the GAO said in a report. Unfortunately, those that remain are rather important, Marisol Cruz Cain, GAO director of information technology and cybersecurity - and author of the report - told The Register in an interview.
"Those items include the need for several government agencies to define what they believe is meant by 'critical software,' a crucial step in protecting the nation's IT," Cruz Cain said.
"CISA told us they have a preliminary definition and also [a] preliminary list of what would be considered critical software, but they're still refining it," Cruz Cain said.
"Information security is a bipartisan issue," Cruz Cain said. "Everybody wants all systems protected."
[
add
]
[
|
|
...
]