Cybersecurity Regulatory Overlap a Danger: GAO

The fact that multiple agencies regulate cybersecurity could result in regulation overlap and duplication, the Government Accountability Office cautioned in a report Wednesday. The study -- based on a pair of GAO-convened industry panels -- concluded that federal agencies have made limited progress in harmonizing cybersecurity oversight. One challenge it cited is that cybersecurity definitions and requirements can be vague, lack standardization or fail to account for different industry sectors. There also might be conflict between federal and foreign requirements. GAO said opportunities for harmonizing federal cybersecurity regulations include getting guidance from the National Institute of Standards and Technology and identifying a single entity with primary authority over the various agencies that enforce cybersecurity regulations.