Forty percent of federal cybersecurity executives who responded to an ISC survey said their agencies still lack “effective” incident response plans nearly a year after the U.S. government suffered a large-scale breach of employee and contractor records.

ISC said Thursday findings in the nonprofit’s 2016 State of Cybersecurity from the Federal Cyber Executive Perspective report were based on online and personal interviews of 56 senior-level cyber executives from the federal civilian, defense, intelligence and contracting sectors.

The KPMG-sponsored survey found that 52 percent of respondents think a government-wide cyber sprint the Office of Management and Budget implemented last year in response to the massive Office of Personnel Management hack did not strengthen the overall security of agency information systems.

Fifty-nine percent of executives surveyed said their agencies have trouble understanding how a cyber attacker can potentially access their systems and 41 percent indicated their agencies are not aware of the location of their critical assets.

“Clear reporting lines and accountability are foundations for a good cybersecurity program and we hope this report sheds light on this issue,” said Tony Hubbard, principal of KPMG.

ISC also found that 21 percent of respondents could not identify a senior leader who have sole responsibility of cybersecurity functions within their agencies.

Forty-percent said they consider people as the greatest cybersecurity asset or liability to federal organizations.

The U.S. Navy plans to update information technology tools the service uses to maintain its fleet of ships as part of a larger effort to protect the vessels from cyber threats, Federal News Radio reported Thursday.

Jared Serbu writes the project seeks to procure new IT products meant to replace more than 100 legacy shipyard systems and applications.

The Navy wants a platform that handles repair schedules, spare parts security, financial management, workforce planning and other tasks throughout every phase of ship maintenance, according to the report.

Bruce Urbon, program manager for the Navy Maritime Maintenance Enterprise Solution-Technical Refresh program, told a conference that the applications “were developed over time in a very stovepiped fashion by various organizations, they were never designed to interoperate and it’s very hard to keep them cyber-secure,” the station reports.

“It’s a growing concern within the Navy that these systems are going to fail, and that’s going to have an impact on fleet readiness and getting ships ready to deploy,” Urbon said at the Naval IT conference hosted by AFCEA’s Northern Virginia chapter.

Greg Zacharias, chief scientist of the U.S. Air Force, has said that fighter jets might be able to fully control a group of unmanned aircraft systems through the cockpit to perform reconnaissance, electronic warfare, weapons transport and targeting missions in the future.

Zacharias told Scout Warrior reporter Kris Osborn in an interview published Thursday F-35 aircraft pilots could someday directly use video feeds generated by electro-optical/infrared sensors onboard the service branch’s drones to facilitate targeting operations without the need to go through ground control stations.

“The more autonomy and intelligence you can put on these vehicles, the more useful they will become,” Zacharias said.

He also noted the potential use of “decision aide support” that involves the use of machines that work to analyze and transmit data without the need for human intervention.

“A person comes in and does command and control while having a drone execute functions,” Zacharias said.

“The resource allocation will be done by humans,” he added.

The Commerce Department’s National Telecommunications and Information Administration has released a document that lists five voluntary best practices for the commercial and private use of unmanned aircraft systems.

Angela Simpson, deputy assistant secretary for communications and information at NTIA, wrote in a blog entry posted Thursday that NTIA collaborated with industry, trade groups and other stakeholders to develop the guidelines that seek to address transparency, accountability and privacy issues related to UAS.

The guidelines call for drone users to notify other individuals of UAS use and data collection activities, practice caution when it comes to collection and storage of data of specific individuals, restrict use and sharing of such data, implement measures to ensure security of covered data as well as comply with laws on the use of drones.

According to the document, the best practices do not apply to news organizations as well as to safety and rescue missions and other emergency response efforts.

The document also contains guidelines for recreational drone operators.

Mary Jo White, Securities and Exchange Commission chair, has said some cyber policies over the U.S.’ financial system are not enough to mitigate risks, Reuters reported Wednesday.

White told the Reuters Financial Regulation Summit that SEC discovered some major exchanges, dark pools and clearing houses that did not have adequate cyber policies to address potential threats, Lisa Lambert and Suzanne Barlyn wrote.

“What we found, as a general matter so far, is a lot of preparedness, a lot of awareness but also their policies and procedures are not tailored to their particular risks,” said White.

White added SEC examiners work to assess the cyber defenses of broker-dealers and investment advisers, Lambert and Barlyn wrote.