Governance, Risk and Compliance

Federal incident response requirement adherence still lagging

SecurityWeek reports that while all 23 U.S. federal agencies have worked to integrate the Cybersecurity and Infrastructure Security Agency's vulnerability and incident response playbook into their incident response plans and have commenced incident response software deployment, only three agencies had completed the implementation of event logging requirements by August. Ineffective adoption of event logging capabilities was observed across 17 agencies, while three others were at the basic level, according to a report from the Government Accountability Office. Agencies including the Departments of Health and Human Services, Homeland Security, Education, Energy, Justice, State, Labor, Transportation, and Treasury, as well as the General Services Administration, Environmental Protection Agency, and Office of Personnel Management, have cited inadequate staffing, technical difficulties, and threat intelligence sharing restrictions as the main hindrances to reaching event logging maturity. "Federal entities have ongoing efforts that can assist in addressing these challenges. These efforts include onsite cyber incident response assistance from CISA, event logging workshops and guidance, and enhancements to a cyber threat information sharing platform," said GAO.
