Network security incidents at federal agencies have soared 650 percent during the past five years according to a just-released GAO report.
The most prevalent types of cyber events included infections from malicious code (30 percent of incidents); violations of acceptable use policies; and intrusions into networks, applications and other data resources. During the past five years, the number of reported events has grown from 5,503 in 2006 to 41,776 in 2010.
The main reason agency computers are vulnerable to contamination is departments have failed to implement security controls, according to the audit. Agencies do not always adequately train personnel responsible for system security, regularly monitor safeguards, successfully fix vulnerabilities or resolve incidents in a timely fashion.