Incidents at Federal Government Agencies increased more than 1,000 percent since 2006

According to a new report by the Government Accountability Office (GAO), The Federal Government needs for stronger controls across Federal Agencies.

According to a report submitted as testimony by Greg Wilshusen, director of information security issues at GAO, in a recent congressional hearing cybersecurity incidents that involved federal government have increased more than 1,000 percent since 2006.

The document reports that in the fiscal year 2014, federal agencies suffered 67,168 cyber security incidents that exposed personally identifiable information (PII), meanwhile the number of incidents in 2006 was just 5,503 (+ 1,121%).


The recent Office of Personnel Management breaches are the largest ever to affect the federal government, they raised the alarm on the level of security of other government agencies.

Given the increasing number of incidents, it is crucial that federal agencies take appropriate countermeasures to mitigate the risks and protect federal systems.

“Agencies continue to have shortcomings in assessing risks, developing and implementing security controls, and monitoring results. Specifically, for fiscal year 2014, 19 of the 24 federal agencies covered by the Chief Financial Officers (CFO) Act reported that information security control deficiencies were either a material weakness or a significant deficiency in internal controls over their financial reporting.” states the GAO report.

DHS and Office of Management and Budget (OMB) have several initiatives to improve the cybersecurity of federal government agencies.

The report highlights three initiatives to improve the cyber security of federal agencies:

  • Personal identification verification (PIV) technology. The NIST defined requirements the identity verification based on “smart cards.”
  • Continuous diagnostics and mitigation controls, a program to provide capabilities and tools that allow the federal government to promptly identify cybersecurity risks, prioritize them and adopt countermeasures to mitigate them.
  • National Cybersecurity Protection System at the Department of Homeland Security (Einstein). ” Einstein is a suite of capabilities intended to detect and prevent malicious network traffic from entering and exiting federal civilian government networks.

The experts of the US government are aware of the risks related to cyber attacks and consider essential the adoption of a ‘defense in depth’ approach that will allow the improvement of security posture, mitigation of risks and early detection of ongoing attacks.

Pierluigi Paganini

FAIR USE NOTICE: Under the "fair use" act, another author may make limited use of the original author's work without asking permission. Pursuant to 17 U.S. Code § 107, certain uses of copyrighted material "for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright." As a matter of policy, fair use is based on the belief that the public is entitled to freely use portions of copyrighted materials for purposes of commentary and criticism. The fair use privilege is perhaps the most significant limitation on a copyright owner's exclusive rights. Cyber Defense Media Group is a news reporting company, reporting cyber news, events, information and much more at no charge at our website Cyber Defense Magazine. All images and reporting are done exclusively under the Fair Use of the US copyright act.

Global InfoSec Awards 2022

We are in our 10th year, and these awards are incredibly well received – helping build buzz, customer awareness, sales and marketing growth opportunities, investment opportunities and so much more.


10th Anniversary Exclusive Top 100 CISO Conference & Innovators Showcase