GAO: 24% of Federal Cyber Recommendations Remain Open

The federal government has failed to implement about 24% of recommendations for solving cybersecurity “shortcomings” since 2010, GAO reported Thursday about the SolarWinds and Microsoft Exchange incidents. The agency has made 3,700 recommendations since 2010, 900 of which the government hadn't fully implemented by November, GAO said. The auditor said it “will continue to monitor federal agencies' progress in fully implementing these recommendations, including those related to software supply chain management and cyber incident management and response.”