Cyber Defenses Stronger, but Incidents Constant, Says Report

Federal agencies reported nearly 31,000 cybersecurity incidents that “led to the compromise of information or system functionality” in 2016, 16 of which were deemed to be major information security incidents, a designation that triggers mandatory steps for agencies including reporting certain information to Congress.

The latest report under the Federal Information Security Modernization Act notes that statistics are not directly comparable to those of prior years because DHS last year started requiring agencies to report incidents by the method of attack to its Computer Emergency Readiness Team.

It said that 81 percent of government users now use multi-factor personal identity verification to access networks and that 70 percent of agencies have employed strong anti-phishing and malware capabilities. Agencies have also made “significant progress” toward safeguarding their high value IT assets and in employing capabilities to identify, detect, and protect hardware and software assets on their networks, it said.

“While federal agencies continued to make progress in strengthening their cyber defenses in FY 2016, a significant amount of work remains to implement these controls and protect federal networks and data,” acting federal chief information security officer Grant Schneider said in a statement accompanying the report’s release.

It said that of the reported incidents, the most common type was theft or loss of a computing device or media, followed by attacks from a website or web-based application, violations of an agency’s proper use policies, and email/phishing attacks.