A majority of senior federal cyber officials responding to a survey said they don't think the U.S. government can detect cyber attacks while they're underway.

Cyber-security officials from the Defense Department, intelligence agencies and federal civilian agencies were questioned in the survey, released by the not-for-profit International Information System Security Certification Consortium Inc. and KPMG. The organizations said the 54 executives who responded identified themselves as "federal senior managers or contractors with cyber-security responsibility in government."

Of those responding, 65 percent said they disagreed with the idea that the federal government as a whole can detect cyber attacks while they're happening. In addition, 59 percent said their "agency struggles to understand how cyber attackers could potentially breach their systems," according to the report on the survey, which was conducted in March.

A quarter of respondents said their agency made no changes in response to last year's breach at the Office of Personnel Management, which compromised data on 21.5 million individuals and has been traced to hackers in China.

"There's certainly concern that the next breach is just waiting to happen," said Tony Hubbard, who heads KPMG's cyber-security practice.

Some 40 percent of respondents reported that their agencies don't know where their key cyber assets are located.

"That's pretty alarming," said Dan Waddell, who is North American director of the Clearwater, Florida-based certification consortium and worked on the study. "They still do not know exactly what they have in their inventory" and what devices hold critical data, he said.

Some 42 percent of the federal executives cited employees, contractors and system administrators as their greatest vulnerability with regard to a potential cyber attack. The report didn't provide a margin of error for the small sample size of the survey.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access