While the Administration is trying to convince companies to adopt its voluntary Cybersecurity Framework, and the Federal Trade Communication, Department of Health and Human Services, and other agencies investigate companies suffering data breaches, the federal government appears to have neglected to tend its own garden.  A recent Government Accountability Office report, entitledInformation Security: Agencies Need to Improve Cyber Incident Practices, concluded that 24 major federal agencies failed to consistently demonstrate that they had effective cyber-incident response practices in place.  It also concluded that the Office of Management and Budget’s and Department of Homeland Security’s process for reviewing  agencies’ cybersecurity posture (CyberStat) – has fallen short of its oversight mandate.  The GAO recommends that agencies follow incident response standards more strictly, that DHS improve its assistance, and that OMB and DHS use CyberStat meetings to strengthen agencies’ incident response practices.