OMB: Agencies Need Help With Old Problems

By Chris Wiedemann, consultant

The cybersecurity challenges facing the government are well understood. Combine a highly federated environment, huge volumes of sensitive, classified or legally-protected data, all running on outdated legacy technology, and you get the government’s current situation: struggling to stay ahead of the latest threats in an increasingly dangerous digital environment.

Federal networks are very popular targets. The government deals with thousands of attacks each year – 35,277 in FY17, according to the most recent FISMA report. Moreover, the consequences of a successful attack are significant. Perhaps no data breach better exemplifies the dangers of lax security than the OPM attack in 2015, which exposed the personally identifiable information of millions of individuals to malicious actors and prompted a round of reports, recommendations and recriminations on the security posture of agency networks – as well as a renewed sense of urgency around security at the agency leadership level.

Three years later, enough time has passed that we can reasonably ask what became of those recommendations – and according to a recently-released OMB report, the answer is: not as much as their authors might have hoped. The full report gives some good insight into the challenges OMB is focusing on as well as their near-term plans to address them. But, if you’re looking for highlights, there are some clear areas of opportunity for COTS vendors to help:

• Agencies continue to struggle with situational awareness. Of all the security incidents tracked in FY16, 38 percent did not have an identified attack vector. In other words, the attacked agencies didn’t know where the attack came from or how it penetrated their networks. This is a significant concern for agency security personnel and a clear opportunity for COTS vendors who can help their customers identify, track and respond to advanced attacks.
• Agencies buy too many point solutions. In part because of that lack of situational awareness, agency customers have been focusing on individual cyber tools and capabilities at the expense of a more holistic, solution-oriented approach to security. They have also, according to the report, spent time addressing “perceived security gaps, rather than allocating funds to address gaps that threat actors are actually exploiting.” This means that improving agency situational awareness is an opportunity area for COTS security vendors as well as manufacturers who can bring that holistic view to the security stack.
• Agencies are still bad at data protection and data loss prevention. Despite the high-profile nature of the OPM breach, which revolved around large-scale data exfiltration, only 27 percent of agencies reported that they can detect and investigate attempts to access large volumes of data on their networks. In a similar vein, only 16 percent achieved OMB targets for encryption of data at rest. Data-level security is commonly viewed as the best way to think about protecting federal systems, which makes these low numbers even more alarming – and suggests that, outside of what CDM is already providing for agencies, more spending may be in the cards.

Of course, there’s more to OMB’s report than what I’ve listed above, and the report itself is just one piece of the administration’s focus on cybersecurity and IT modernization. Nevertheless, it’s an important piece – and if the issues OMB is calling out sound familiar to you, make sure to leverage their report to get in front of your customers.

Like what you just read? Subscribe to immixGroup’s Government Sales Insider blog for more government IT trends and insight.

Learn more about how immixGroup’s Market Intelligence organization can help your company.