The U.S. Department of Defense
has been found by the Government Accountability Office to be at risk of having inadequate visibility of cyber threats due to incomplete information on most of its cyber incident reports, reports The Record
, a news site by cybersecurity firm Recorded Future.
Despite the decline of cyber incidents reported to the Defense Department's Joint Incident Management System from 3,880 in 2015 to 948 in 2021, 91% of submitted reports during the six-year period did not detail the incidents' discovery date, while 68% of the reports lacked information on delivery vectors behind the incident, the GAO report showed. Both data gaps have been hindering the department's capability to identify timely responses to incidents, as well as trends in threats impacting its networks, according to the report.
"Until DOD assigns responsibility for ensuring complete and updated incident reporting and proper leadership notification, the department will not have assurance that its leadership has an accurate picture of its posture. As a result, the department may miss opportunities to assess threats and weaknesses, gather intelligence, support commanders, and share information," said the report.