GAO Report to Congressional Committees

Critical infrastructure protection agencies need to assess the adoption of cybersecurity guidance. The nation’s 16 critical infrastructure sectors provide essential services such as banking, electricity, gas, and oil distribution. However, increasing cyber threats—like the May 2021 ransomware cyberattack on an American oil pipeline system that led to regional gas shortages—represent a significant national security challenge.