Governance

Third of Agency Report Daily Cyber Incidents Survey: 44% of Agencies Had More Security Incidents in Past Year
Nearly one-third of federal agencies report at least one cybersecurity incident each day, with more than half reporting such occurrences weekly, according to a survey released Tuesday of 300 federal information security professionals conducted by CDW-Government, a provider of IT wares.

Among other findings of the survey, which was conducted in September:

  • 44 percent of agencies reported increases in security incidents last year, with 31 percent saying cybersecurity incidents have increased in severity.
  • One-third of respondents picked malware as their No. 1 daily cybersecurity issue; followed by inappropriate employee activity/network use and managing remote user access, both 25 percent.
  • 47 percent of the infosec pros surveyed - equally split between civilian and defense agencies - cited external sources as their greatest threat, followed by agency employees 23 percent, and contractors, 10 percent.
  • Among internal threats, 66 percent of respondents cited inappropriate web surfing and downloads, 50 percent, lost devices; and 40 percent, lost-stolen-shared passwords. In fact, 44 percent of those surveyed said they had seen an employee post a password in a public place.
  • 52 percent of front-line federal IT professionals report they have adequate budget to meet needs.

CDW-G also asked respondents about the Trusted Internet Connections program, which reduces the number of Internet connections, and nearly half - 47 percent - said the program has reduced the number of connections their respective agencies have to the Internet. Of those that have reduced connections, 82 percent said ithas improved their agency's security posture.


About the Author

Eric Chabrow

Eric Chabrow

Executive Editor, GovInfoSecurity & InfoRiskToday

Chabrow, who oversees ISMG's GovInfoSecurity and InfoRiskToday, is a veteran multimedia journalist who has covered information technology, government and business. He's the former top editor at the award-winning business journal CIO Insight and a long-time editor and writer at InformationWeek.




Around the Network