The Office of Management and Budget found nearly 78 percent of all major agencies have directly submitted cybersecurity data to the Department of Homeland Security, Federal News Radio reports.
The OMB believes increased agency compliance is in partly driven by its deadline to adapt the Cyberscope program by Nov. 15, 2011 and start continuous monitoring by Sept. 30, 2012
In its annual report to Congress, OMB said 80 percent of all agencies implemented an automated asset inventory management capability, 78 percent were using an automated configuration management capability and 77 percent were using automated vulnerability management software.
OMB sends the report in advance of rollout of the Federal Information Security Management Act.
These positive figures support the bill’s intention to strengthen U.S. cyber capabilities through following guidelines and replicating practices.
Agencies spent $13.3 billion in 2011 with the Defense Department investing $10 billion to meet cyber requirements, Federal News Radio reports.
Aside from personnel expenses, spending is generally broken down in four areas.
Subsidies for the rollout of Special Publication 800-37 of the National Institute of Standards and Technology gets 10 percent, 7 percent is spent on security tools, 4 percent on security testing and 3 percent on security training.
OMB said 19 out of 24 agencies relayed their data to Cyberscope in 2011.
The departments of Housing and Urban Development and State, NASA, U.S. Agency for International Development and the Office of Personnel Management are the five remaining agencies which are not compliant with the OMB deadline.
The report also states that agencies have declared improved cyber capacities in 14 out of 16 categories.
Improvements conducted include 65 percent implementation of domain name system security, automated configuration management, automated vulnerability management, 83 percent encryption rate for portal devices and 83 percent roll out for remote access encryption.
DHS’ U.S. Computer Emergency Response Team said there were 43,889 reported cyber incidents that made vital impact to agency systems last year, an increase from the 41,776 reported incidents in 2010, according to Federal News Radio.
U.S. CERT data says 5 percent out of 107,655 reported cyber attacks were directed toward federal agencies.