GAO: Fifty Percent of Feds aren’t Informed on Cyber Risks

Federal agencies for 15 years have been unable to move cybersecurity off a list of the government's most imperiled programs, with a new audit revealing a declining number of agencies -- half -- do not annually train employees on security.

Perennial weaknesses in government network security endanger national security because of the pervasiveness of the Internet and evermore sophisticated cyber threats, according to a Government Accountability Office report. In fiscal 2012, 12 of the 24 major federal agencies provided annual security awareness training to at least 90 percent of their network users, compared with 22 of 24 agencies the prior year.

These and other “weaknesses show that information security continues to be a major challenge for federal agencies," the audit states. "Until steps are taken to address these persistent challenges, overall progress in improving the nation’s cybersecurity posture is likely to remain limited." The report does not break down findings by agency.