"No one within DHS is assessing or addressing cyber risk to building and access control systems particularly at the nearly 9,000 federal facilities, protected by the Federal Protective Service (FPS)," the GAO report, released Monday, found.
The FPS falls under DHS and is responsible for protecting federal facilities.
The GAO, an independent agency that provides the Congress with auditing and investigative services, found the DHS has only taken "preliminary steps to begin to understand" the risks, posed by cyber security breaches to federal buildings and access systems in the United States.
The GAO said the need for cybersecurity protection for federal building and access control systems – which include heating, ventilation, air conditioning, electronic card readers and closed circuit camera systems – is all the more important, because these systems are made more vulnerable as they are automated and connected to outside information systems, networks and the Internet.
The GAO report comes at a time US policy makers have vowed to address the threats posed to the US government, corporations and individuals after a series of cyber security breaches. In the latest series of cyber-attacks, US Central Command's Twitter and YouTube accounts were hacked by a group, claiming to be affiliated with the Islamic State extremist organization.