Survey: U.S. Can’t Detect When Cyberattacks Are Underway

Bloomberg News
Published: 5/19/2016 10:39:47 PM
Modified: 5/19/2016 10:39:56 PM

A majority of senior federal cyber officials responding to a survey said they don’t think the U.S. government can detect cyberattacks while they’re underway.

Cybersecurity officials from the Defense Department, intelligence agencies and federal civilian agencies were questioned in the survey released Thursday by the nonprofit International Information System Security Certification Consortium Inc. and KPMG LLP. The organizations said the 54 executives who responded identified themselves as “federal senior managers or contractors with cybersecurity responsibility in government.”

Sixty-five percent said they disagreed with the idea that the federal government as a whole can detect cyberattacks while they’re happening. In addition, 59 percent said their “agency struggles to understand how cyberattackers could potentially breach their systems,” according to the report on the survey, which was conducted in March. A quarter said their agency made no changes in response to last year’s breach at the Office of Personnel Management, which compromised data on 21.5 million individuals and has been traced to hackers in China.

“There’s certainly concern that the next breach is just waiting to happen,” Tony Hubbard, who heads KPMG’s cybersecurity practice, said in an interview.

Forty percent reported their agencies don’t know where their key cyber assets are located.

“That’s pretty alarming,” said Dan Waddell, who is North American director of the Clearwater, Fla.-based certification consortium and worked on the study.

“They still do not know exactly what they have in their inventory” and what devices hold critical data, he said.

Forty-two percent of the federal executives cited employees, contractors and system administrators as their greatest vulnerability with regard to a potential cyberattack.

Valley News

24 Interchange Drive
West Lebanon, NH 03784


© 2021 Valley News
Terms & Conditions - Privacy Policy