Information Technology and Cybersecurity: Significant Attention is Needed to Address High-Risk Areas, Statement of Kevin Walsh, Director, Information Technology and Cybersecurity, Testimony Before the Subcommittee on Government Operations, Committee on Oversight and Reform, House of Representatives [open pdf - 1MB]
From the Highlights: "The effective management and protection of IT [information technology] has been a longstanding challenge in the federal government. Each year, the federal government spends more than $100 billion on IT and cyber-related investments; however, many of these investments have failed or performed poorly and often have suffered from ineffective management. Accordingly, GAO [Government Accountability Office] added improving the management of IT acquisitions and operations as a high-risk area in February 2015. Information security has been on the high-risk area since 1997. In its March 2021 high-risk update, GAO reported that significant actions were required to address IT acquisitions and operations. Further, GAO noted the urgent need for agencies to take 10 specific actions on four major cybersecurity challenges. GAO was asked to testify on federal agencies' efforts to address the management of IT and cybersecurity."
Government Accountability Office: https://www.gao.gov/