US Federal Agencies Hit With 10% Jump In Cyber 'Incidents' - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Government // Cybersecurity
03:06 PM

US Federal Agencies Hit With 10% Jump In Cyber 'Incidents'

US government agencies faced a double-digit rise in cyber-security incidents last year, even though the White House greatly ramped up efforts to button down cyber-security, according to an Office of Management and Budget report.

10 Stupid Moves That Threaten Your Company's Security
10 Stupid Moves That Threaten Your Company's Security
(Click image for larger view and slideshow.)

Federal agencies were hit with a double-digit rise in cyber-security incidents last year, despite the government's throwing more resources at curtailing attacks and security breaches, according to a recently released report by the Office of Management and Budget.

During 2015, the number of cyber-security incidents climbed to 77,183, 10% more than the previous year, the OMB report stated. The threats ranged from security breaches, to attempted attacks, to port scans.

"Despite unprecedented improvements in securing Federal information resources during FY 2015, malicious actors continue to gain unauthorized access to, and compromise, Federal networks, information systems, and data," the report stated. "The increasing number and impact of these incidents demonstrate that continuously confronting cyber threats must remain a strategic priority."

(Image: Mikko Lemola/iStockphoto)

(Image: Mikko Lemola/iStockphoto)

Last summer, the US Chief Information Officer Tony Scott launched a 30-day Cybersecurity Sprint, which called on all federal agencies to take four steps to improve their agency's defense against cyberattacks.

Those steps included immediately patching critical vulnerabilities, tightening access for privileged users, accelerating the use of multifactor authentication, and deploying cyber-security indicators to scan systems and check logs following the massive security breach at the Office of Personnel Management that revealed the personal files of millions of federal workers.

Some of these four steps may have aided the government in finding more cyber-security incidents that it might not have otherwise found, potentially contributing to the rise in the number of overall threats detected last year.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

Of all of the 75,087 incidents that were reported to US-Cert by federal agencies, 34% fell into the "other" category of security issues. Some of these incidents may have been picked up as a result of the Cybersecurity Sprint's call for indicators to scan systems and check logs, since the "other" category includes such malicious actions as port scans, probes, and attempted access. The "other" category also soared nearly 77% to 25,675 incidents last year, compared with the previous year, according to the OMB report.

Last month, President Obama announced the Cybersecurity National Action Plan (CNAP) and called on Congress to allocate 35% of the $4 trillion budget bill for increased spending on cyber-security.

The CNAP is designed to improve the federal government's internal information security, in part by bringing in new technology and ditching its older systems. It also seeks to boost the number of IT professionals on staff by enhancing its student loan forgiveness program for those who take cyber-security jobs with the government.

The OMB report cited work that still needs to be done in improving security for the federal agencies. Configuration management, identity and access management, and risk management practices were highlighted in the report.

Dawn Kawamoto is an Associate Editor for Dark Reading, where she covers cybersecurity news and trends. She is an award-winning journalist who has written and edited technology, management, leadership, career, finance, and innovation stories for such publications as CNET's ... View Full Bio

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Joe Stanganelli
Joe Stanganelli,
User Rank: Author
3/23/2016 | 11:55:48 AM
More, or paying more atteniton?
I am curious as to how much of this jump is a true jump and how much of it is attributable to agencies simply noticing more incidents (particularly after that huge breach of federal employee data a while back).
InformationWeek Is Getting an Upgrade!

Find out more about our plans to improve the look, functionality, and performance of the InformationWeek site in the coming months.

Why IT Leaders Should Make Cloud Training a Top Priority
John Edwards, Technology Journalist & Author,  4/14/2021
10 Things Your Artificial Intelligence Initiative Needs to Succeed
Lisa Morgan, Freelance Writer,  4/20/2021
Lessons I've Learned From My Career in Technology
Guest Commentary, Guest Commentary,  5/4/2021
White Papers
Register for InformationWeek Newsletters
Current Issue
Planning Your Digital Transformation Roadmap
Download this report to learn about the latest technologies and best practices or ensuring a successful transition from outdated business transformation tactics.
Flash Poll