Defense Cybersecurity: Defense Logistics Agency Needs to Address Risk Management Deficiencies in Inventory Systems
Abstract
In November 2018 DOD's Survivable Logistics Task Force examined current and emerging threats to DOD logistics, including cybersecurity threats. The taskforce concluded that DOD's inventory management systems were potentially vulnerable to cyberattacks, and that DOD did not have corrective action plans to mitigate the potential risks posed by associated vulnerabilities. House Report 116-120, accompanying a bill for the National Defense Authorization Act for Fiscal Year 2020, included a provision for GAO to evaluate DOD's efforts to manage cybersecurity risks to the DOD supply chain. GAO's report determines the extent to which DLA has implemented risk management steps to address cybersecurity risks to its inventory management systems. GAO selected six systems that DLA officials deemed critical to inventory management operations. GAO reviewed documents, analyzed data, and interviewed officials to determine whether DLA fully addressed, partially addressed, or did not address DOD steps for cybersecurity risk management.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jun 01, 2021
- Accession Number
- AD1138129
Entities
People
- Ashley Houston
- Diana Maurer
- Ed Yuen
- Josh Leiling
- Katherine Noble
- Lamis Alabed
- Marilyn Wasleski
- Tommy Baril
- Torrey Hardee
- Vijay A. D'souza
- Warren Emilien
Organizations
- United States Government Accountability Office