Federal agencies reported 35,277 cybersecurity incidents for their IT systems in FY 2017.
While agencies have gotten better at preventing and detecting intrusions into their systems, they are still vulnerable to attacks such as “phishing”—emails designed to trick staff into clicking malicious links. Moreover, many agencies have not yet fully implemented effective security programs or practices, leaving them vulnerable to future attacks.