Feds See Surge in Cyber ​​Incidents in FY23, Improved Cybersecurity Detection – MeriTalk

Federal agencies saw a nearly 10 percent increase in cyber incidents throughout fiscal year 2023, according to a new report. Federal Information Security Modernization Act (FISMA) Report. to Congress. However, despite this growth, the report also highlighted the growth of improved cybersecurity detection capabilities.

Federal agencies disclosed 32,211 cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA) in fiscal year 2023, a 9.9% increase from the 29,319 incidents reported in fiscal year 2022.

According to CISA, most of these incidents fall into the “minor” category. National Cyber ​​Incident Scoring Systemindicating minimal impact on critical sectors or the public good.

Thirty-eight percent of reported incidents, totaling over 12,000 cases, resulted from misuse, indicating a violation of acceptable use policies. According to the report, this suggests that “while agencies have processes or capabilities in place to detect security breaches, many lack automated enforcement or prevention mechanisms.”

Additionally, email phishing has become the second most common attack vector, with an increase of over 50 percent in 2023 compared to the previous year.

However, despite the surge in attacks, the report also highlighted an increase in improved cyber detection and categorization capabilities, which the report said “was evident in a significant decline in the number of incidents using the ‘Other/Unknown’ attack vector.”

“The number of these unclassified events has decreased significantly both in terms of the total number of incidents (from 11,144 in FY2022 to 5,687 in FY2023) and the percentage of incidents compared to the total this year (from 38 percent in FY2022 to 18 percent in fiscal year 2023), the report says.

Additionally, agencies have improved the implementation of cyber defense measures. Specifically, the report shows that federal agencies have selected an enterprise endpoint detection and response (EDR) platform in line with the Office of Management and Budget’s 2021 memo titledImproving the detection of cybersecurity vulnerabilities and incidents in federal government systems through endpoint detection and response.’

According to the report, “EDR capabilities are being deployed rapidly and widely across the federal enterprise. To ensure greater coordination and visibility, each agency worked with CISA to select and implement an enterprise EDR platform, as necessary.”

“Agencies also improved their capabilities to capture, analyze and store logs, and the quality of the logs collected improved,” the report adds.