US federal watchdog agency outlines key measures for better protecting sensitive data under the federal government's control.

Dark Reading Staff, Dark Reading

February 15, 2023

1 Min Read
Abstract image of boxes for data collection
Source: Andreas Fülscher Schliemann via Alamy Stock Photo

The most recent in a series of US Government Accountability Office (GAO) reports on the state of cybersecurity across the federal government makes specific recommendations about the collection, use, and sharing of personally identifiable information (PII).

In a Feb. 14 report, the GAO recommended improving the protection of private data, particularly information collected in retirement plans.

Besides the cybersecurity of stored data, the report calls on agencies to establish data privacy policies and procedures that include record-keeping that identifies the types of personal data collected, regular privacy impact reviews, and the coordination of these data privacy functions across the agency.

The latest GAO cybersecurity assessment points out, as it has in previous reports, that agencies have been slow to adopt its recommendations.

"We have made 236 recommendations in public reports since 2010 with respect to protecting cyber critical infrastructure," the GAO added in its report. "Until these are fully implemented, federal agencies will be more limited in their ability to protect private and sensitive data entrusted to them."

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights