The federal IT landscape has evolved during the last several years as new technologies, strategies and mandates continue to be piled onto decision-makers' shoulders. The demand for cloud computing, data center consolidation and mobile devices has contributed to new complications for government executives. A new study by InformationWeek, however, found that agencies are first and foremost placing an emphasis on providing a secure foundation for other IT services.
InformationWeek Government's third Federal Government IT Priorities survey polled nearly 150 government IT professionals and found that cybersecurity was ranked the No. 1 priority for executives. This suggests that while other technological initiatives, such as cloud computing and virtualization, are important, data protection and privacy are even more significant. The study noted that these demands are driven by multiple factors but nearly three-quarters of respondents said agency-specific goals were the most prevalent and important.
Public sector demands security before anything else
Similar to previous studies, cybersecurity and data security were ranked as the top concerns for decision-makers, with 88 percent of respondents citing the initiatives as "very important" or "extremely important," InformationWeek noted. While there are many potential reasons for this, the most likely is that government agencies continue to be victims of targeted attacks from cybercriminals looking to gather confidential information that can be used to their advantage.
InformationWeek revealed that monitoring solutions – tools that provide near real-time feedback regarding the health of an IT system – are some of the most common ways decision-makers tackle security issues. As the threat landscape continues to evolve, the use of these products is becoming increasingly important. InformationWeek asked decision-makers to rank their use of monitoring applications on a scale of one to five – one meaning the practice is not done at all and five meaning an agency aggressively uses the solutions – and found that the average score was 3.4, suggesting continuous monitoring is more important than other IT initiatives, such as big data and data center consolidation.
Despite the growing importance of monitoring solutions, only one-third of respondents said the majority of their IT infrastructure is managed by the tools, InformationWeek noted. This hints that federal agencies still have a long way to go.
A separate report by TechAmerica echoed the importance of cybersecurity programs, as federal CIOs said it was their No. 1 concern for 2012. The study revealed that insider threats are a top priority, yet the majority of their data security programs are aimed at keeping outsiders away from sensitive assets. This suggests that decision-makers need to reevaluate operations and place more emphasis on protecting confidential information from employee mishaps – whether intentional or malicious.
Other important federal IT initiatives
InformationWeek revealed that disaster recovery and continuity planning was cited as the second-most important IT initiative, especially as cloud computing and BYOD (bring your own device) programs become more common. In fact, the study revealed that disaster recovery and continuity strategies were ranked as "very important" or "extremely important" by 72 percent of respondents, even if they don't get as much publicity as other security processes.
InformationWeek said federal agencies need to develop and maintain disaster recovery and cybersecurity plans that take multiple ongoing trends like BYOD and cloud computing into account. Neglecting to do so will only introduce new complications in the future that could negatively impact how well an organization can protect its sensitive resources.
In an ideal world, these programs will be completed under the risk management umbrella, allowing decision-makers to identify and combat threats and vulnerabilities that may crop up.
Data Security News from SimplySecurity.com by Trend Micro