Joshua Moses, OMB’s director of cybersecurity performance and risk management, says that government agencies are usually behind the curve understanding cybersecurity threats and solutions, and both agencies and the private sector must to do a better job sharing data on potential threats.
Speaking at a conference of open-source developers, he praised that community’s sense “that you’re all in it together, that there’s benefit to be gained by sharing that information.”
A May OMB report found that only 27 percent of agencies could detect and investigate attempts to access large amounts of their data, and only 40 percent could detect when a user copied or removed massive encrypted data caches. Furthermore, when breaches did occur, agencies could only identify the method of attack about 60 percent of the time.