Cyber incidents surge as cyber budget shrinks at NASA

According to data extracted and analysed by Atlas VPN, cyber incidents at NASA increased by 366% in 2019. Being one of the nation’s most important federal agencies, this is an alarming finding.

Cyber incidents at NASA can affect national security, intellectual property, and individuals whose data could be lost due to data breaches. As stated by The Office of Management and Budget (OMB) in their report to Congress, even though NASA is continuously improving their security systems, a broad array of digital information and assets remain at risk.

OMB reviews government agencies annually. OMB is also responsible for developing and overseeing the implementation of policies, standards, and guidelines on cyber-security in federal agencies.

The OMB report found that there were a total of 1,468 cyber incidents at NASA in 2019. In 2018, NASA experienced only 315 cyber incidents, which means that the number of incidents jumped by 366%.

Rachel Welch, COO of Atlas VPN, shares her thoughts on cyber incidents at NASA: “It seems that most incidents are caused by the employees’ violation of an organisation’s acceptable usage policies as well as illegal activities on work devices. To solve the issue, NASA should allocate more resources towards educating its staff on the possible dangers caused by violating the companies policies and regulations.“ The company also says that out of all the major federal agencies, NASA is one of few with a decreased cyber security budget. The budget for digital security purposes at NASA decreased by $3.1 million in 2019.

Interestingly, almost all other institutions saw increases in their cyber security budgets. The fact that NASA had the biggest increase in cyber incidents might lead to the conclusion that the decrease in the cyber security budget had a direct negative impact. Naturally, the Department of Defence (DOD) received around 50% of the whole federal cyber security budget in 2019, with $8.5 billion. In comparison to 2018, DOD received an additional $479 million.

The second in line is the Department of Homeland (DHS) security, with $2.59 billion funds for cyber security purposes in 2019. In contrast to 2018, the DHS cyber security budget grew by $731.9 million. In other words, cyber security spending at DHS increased by over 39%. Incidents caused by improper usage increased the most, from 180 in 2018 to 1,329 in 2019, representing a 638% growth per year. Improper use is described as any incident resulting from a violation of an organisation’s acceptable usage policies by an authorised user.