Federal Cybersecurity: The More Things Change, The More They Stay The Same?
June 6, 2012 Leave a comment
In the federal space, some areas of cybersecurity have evolved while others remain frustratingly stagnant. On the technological front, particularly within the Pentagon, the demand for new technologies like data encryption for mobile devices can only increase as DOD cybersecurity shifts to meet the demands of an increasingly net-centric defense enterprise.
The pace of technological change is not being matched by legislative change. Bills regulating certain critical networks and officially granting broad cyber authority to DHS have stalled again and again due to privacy concerns and fears of over-regulation stifling innovation. As a result, OMB plans to take executive action, proposing amendments to the decade-old A-130, particularly the cybersecurity appendix.
Meanwhile, the need for robust security services around federal IT systems continues to be made apparent by domestic and foreign cyber incidents. The new “Flame” malware exhibits a broad range of malicious capability and serves as a Stuxnet-like reminder of the rapidity with which extremely advanced cyber threats can manifest. On a more basic level, the possible attack of internal NASA websites by a group of Iranian students, even if proven false, has pointed out basic gaps in the agency’s internal security posture. In other words, the need for seemingly basic security policies and products remains. At the same time, budgetary pressures and a general lack of qualified cyber security staff are leaving agencies scrambling to contract cybersecurity services, often at a premium.
What does this mean for cybersecurity product vendors? Simply that the need for security technology figures to remain constant, possibly even increasing in the face of reduced IT budgets across the government. More importantly, any product that can come to the aid of overburdened agency IT security staffs should find a willing audience – be on the lookout for opportunities around automating IA staff functions.