SecurityWeek Logo

Classification Concerns Over FISMA Report on Improving Agency Cybersecurity

The Federal Information Security Modernization Act (FISMA) annual report to Congress for full year 2018 indicates considerable success in improving the cybersecurity of federal agencies. The headline statistics indicate a 12% reduction in the occurrence of cybersecurity incidents from 35,277 in FY 2017 to 31,107 in FY 2018. “However,” adds the report (PDF), “FY 2018 marked the first year since the creation of the major incident designation that no incidents met the threshold.” A ‘major incident’ is defined as any incident that is likely to result in demonstrable harm to the national security interests, foreign relations, or the economy of the United States or to the public confidence, civil liberties, or public health and safety of the American people. It also applies, with the same criteria, to any breach involving the theft or alteration of PII belonging to more than 100,000 people.