GAO calls for improved implementation of national cybersecurity plan

The U.S. Office of the National Cyber Director has been urged by the Government Accountability Office to strengthen the implementation of the national cybersecurity strategy by adding outcome-oriented performance measures, as well as details regarding the cost of its initiatives, CyberScoop reports. Outcome-oriented performance measures could be developed for incident reporting alerts and other instances, a recommendation that was accepted by the ONCD despite noting the lack of measurements to gauge cybersecurity effectiveness. However, the GAO's recommendation for providing cost estimates was rejected by the ONCD, citing complexities in the budget process. "Without outcome-based performance measures, ONCD and its stakeholders will be limited in gauging the effectiveness of actions taken to implement the strategy. Further, without estimating the costs of implementing applicable initiatives, ONCD and other implementing agencies will be challenged in ensuring that adequate resources are available for those initiatives," wrote the GAO in its report.