Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Office of Inspector General, U.S. Department of Commerce

An official website of the United States government

Report Fraud, Waste, and Abuse
Home » Audits and Evaluations

Audits and Evaluations

Home > Top Management Challenges > Fundamental Deficiencies in OS' Cybersecurity Incident Response Program Increase the Risk of Cyberattacks

Fundamental Deficiencies in OS' Cybersecurity Incident Response Program Increase the Risk of Cyberattacks

Date Issued March 22, 2023
Report Number OIG-23-017-I
Report Type Audits / Evaluations
Description

Our evaluation found that the Office of the Secretary’s (OS’) Security Operations Center had not properly configured its security tools to detect our simulated attacks and struggled to effectively respond to the incident. We also found that OS’ Office of the Chief Information Officer did not manage its incident detection and response program in accordance with federal requirements.
View Report OIG-23-017-I_Final_Report.pdf
View Abstract OIG-23-017-I_Abstract_SECURED.pdf
View Announcement Evaluation-of-the-Departments-Cyber-Incident-Detection-and-Response.pdf
Privacy Policy | U.S. Department of Commerce | Accessibility | IG NET | FOIA | USA.gov | Vulnerability Disclosure Policy