Following the SolarWinds breach discovery in 2020, CISA improved its ability to detect and mitigate risks from major cyberattacks, but work remains to safeguard Federal networks. CISA coordinates Federal agencies’ defense against cyberattacks, but the SolarWinds response revealed that CISA did not have adequate resources — backup communication systems, staff, or secure space — to effectively respond to threats.
Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
1 | No | $0 | $0 | ||
We recommend the CISA Director update CISA’s Continuity of Operations Plan and develop and implement an information system contingency plan, to ensure availability of redundant systems, capabilities, and communication methods to use if primary systems or networks are compromised. | |||||
2 | No | $0 | $0 | ||
We recommend the CISA Director require the facility and operations staff conduct an assessment to determine whether secure facility space is appropriately sized and configured to meet operational needs and document any changes necessary for staff to obtain and maintain appropriate access to intelligence information. | |||||
3 | No | $0 | $0 | ||
We recommend the CISA Director require an assessment to document the levels of staffing, resources, and intelligence access needed for operational divisions, cyber detection and mitigation capabilities, and support functions. | |||||
4 | No | $0 | $0 | ||
We recommend the CISA Director create and implement a long-term plan for the Cybersecurity Division that includes provisions for ownership, operations, and maintenance of the National Cybersecurity Protection System’s data analytics capabilities. |