The Department of Defense’s office of inspector general has released a summary of 20 unclassified and four classified reports related to cybersecurity and found that the Pentagon continues to encounter challenges in managing cyber vulnerabilities to its network.
The Government Accountability Office and the Pentagon’s oversight community issued those reports from July 1, 2017 through June 30, 2018, according to OIG’s report published Wednesday.
According to the summary, the unclassified documents highlighted improvements in security continuous monitoring; identity management and access control; data protection procedures; and asset management.
Of the 159 recommendations in the unclassified reports, the inspector general found that the department has moved to address 19 of those suggestions by initiating measures to build up its cybersecurity posture.
The OIG noted in the summary that the highest number of identified cyber weaknesses were linked to governance, which enables organizations to manage security risks through implementation of policies and processes.
“Without proper governance, the DoD cannot ensure that it effectively identifies and manages cybersecurity risk as it continues to face a growing variety of cyber threats from adversaries, such as offensive cyberspace operations used to disrupt, degrade, or destroy targeted information systems,” according to the summary.
The summary also showed that there were 266 open recommendations related to cybersecurity as of Sept. 30, 2018.