A new Government Accountability Office report has proposed several actions GAO says are necessary to help address cyber incidents at federal agencies which spiked nearly 1,300 percent in number from fiscal year 2006 to FY 2015.GAO said Tuesday work to implement a framework established under several laws and policies for the federal government’s information security has been inconsistent.
Data from the U.S. Computer Emergency Readiness Team and the Office of Management and Budget data for fiscal years 2006-2015 says agencies faced a total of 77,183 cyber incidents during FY 2015 compared to 5,503 in FY 2006.
Auditors recommended agencies implement risk-based information security programs across government agencies to help identify cyber threats, implement processes for computer asset configuration, patch vulnerable systems, replace legacy software and assess security on a regular basis.
The government watchdog also urged the Department of Homeland Security to address cyber attacks that exploit previously unknown vulnerabilities through an expanded adoption of its intrusion detection and prevention system.
GAO also called for wider efforts to recruit and retain cybersecurity workers.
