The killing of four Marines at a Navy installation in Tennessee has sparked a debate about how to protect service members from extremist attacks. A recent Government Accountability Office report found that the Defense Department needs to do a better job protecting against insider threats.

Published in July, the report looked at what actions the Defense Department has taken since the November 2009 shooting at Fort Hood, Texas, when Army Maj. Nidal Malik Hasan killed 13 people and wounded 32 others.

The report found some Defense Department policies do not adequately cover insider threats.

For example, the department has no policy for when service members and contractors should report to base security officials that they have seen someone taking a gun onto base — especially into work.

Another issue is that the Defense Department's instruction for military bases' emergency management programs does not include any provisions about car bombs or person-borne bombs, which could be used as part of an insider attack, the report said.

The Defense Department plans to address those issues, according to the report.

The GAO also found that the Defense Department needs to do a better job sharing information among military bases and even on military bases themselves.

"For example, we found that the Air Force officials at Joint Base San Antonio were not aware and had not received a copy of an after-action report that an Army tenant on the installation had completed after an individual with access to the installation shot an employee on the installation," the report found. "Air Force officials were not aware of this report and its recommendation even though they are responsible for security on the Joint Base because the installation command had not set up a working group with the tenant officers where such information could have been shared."

The Defense Department responded to the GAO's findings by saying it has working groups in place within the Office of the Undersecretary of Defense for Intelligence and the Mission Assurance Senior Steering Group, the report said.

"However, the information-sharing actions that DOD identified in its comments are actions that are occurring at senior DOD levels and not at the installation level," the report found.