You are here

The Department's Cyber Security Incident Management Program, IG-0787

The Department of Energy operates numerous interconnected computer networks and
systems to help accon~plishit s strategic missions in the areas of energy, defense, science,
and the environment. These systems are frequently subjected to sophisticated cyber
attacks that could potentially affect the Department's ability to carry out its mission.
During Fiscal Year 2006, the Department experienced 132 incidents of sufficient severity
to require reporting to law enforcement, an increase of 22 percent over the prior year.
These statistics, troubling as they may be, are not unique to the Department; they are, in
fact, reflective of a trend in cyber attacks throughout the government.
The Federal Information Security Management Act of 2002 requires each agency to
implement procedures for detecting, reporting and responding to cyber security incidents,
including notifying and consulting with the Department of Homeland Security's Federal
Computer Incident Response Center, law enforcement agencies, and Inspectors General.
To meet this requirement and counter the threat posed by cyber attacks, the Department
has established incident reporting mechanisms and various cyber security incident
response and analysis capabilities to prevent, detect, respond, and recover from cyber
security incidents. Given the prevalence of cyber security attacks on Federal information
systems, we initiated an audit to determine if the Department had developed an integrated
and effective cyber security incident management program.