A comprehensive review of government military and national security spending patterns revealed that the Department of Defense's (DoD) information technology business arm still lacks cybersecurity strategies in several of its programs.
According to the GAO, programs supporting the daily software needs of Defense Department employees should swiftly implement approved cybersecurity strategies. This action aims to enhance their resilience against potential cyberattacks and reduce scheduling and performance costs effectively.
“In our annual assessment, we reviewed 21 of those programs and found 10 are developing software and using an Agile approach. This is an iterative development process in which software is delivered in increments throughout the project, letting program staff catch errors quickly and get continual user feedback. But 4 of these programs didn't use metrics or management tools required for this type of approach —especially when tracking customer satisfaction and software development progress,” GAO said in the report.
GAO recommends the DoD to ensure that IT business programs developing software are using Agile metrics and management tools required by DOD and consistent with GAO's Agile Guide.