From the report, “DOur objective was to (1) summarize unclassified and classified reports issued and testimonies made from the DoD oversight community and the Government Accountability Office (GAO) between July 1, 2017, and June 30, 2018, that included DoD cybersecurity issues; (2) identify cybersecurity risk areas for DoD management to address based on the five functions of the National Institute of Standards and Technology (NIST), “Framework for Improving Critical Infrastructure Cybersecurity,” April 16, 2018 (Cybersecurity Framework); and (3) identify the open DoD cybersecurity recommendations. This summary report also addresses the Federal Information Security Modernization Act of 2014 (FISMA) requirement to provide an annual independent evaluation of the agency’s information security program by using the identified findings to support the responses made in our assessment.”