NORFOLK, Va. - A nonpartisan government watchdog says the military has made progress in protecting weapons systems from cyberattacks, but there's still more that could be done.
The report from the Government Accountability Office says that the Defense Department needs to consistently incorporate cybersecurity requirements into contract language.
The GAO pointed to contracts the agency reviewed that contained no cybersecurity requirements when they were awarded and only vague requirements added later.
The most recent report builds off a 2018 review by the GAO and lauds the progress that's been made, including enhanced cyber testing and additional guidance.
However, the GAO says additional requirements in contracts can ensure enhanced safety.
"Cybersecurity requirements should be defined in acquisition program contracts, and criteria should be established for accepting or rejecting the work and for how the government will verify that requirements have been met," the GAO recommended.
You can read the full report from the Government Accountability Office here.
