National Cyber Strategy – What Does It Mean for Those Selling Security Tools to the Government?

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

You’ve probably heard of the release last week of both the National Cyber Strategy and the Department of Defense (DOD) Cyber Strategy. Some of the priorities highlighted are robust information sharing, greater resilience, encryption, cyber scalability and hardening of IT systems. In fact, we’ve seen demand for these capabilities reflected in recent cyber budgets which have hovered between $13 and$15 billion over the last couple of years. While the documents bring together much of the cyber policies heard from the administration over the past year, there are some important key takeaways you should be aware of as we head into FY19.

Offensive Cyber
One of the most notable developments is a more overt embrace of offensive cyber operations. The DOD Cyber Strategy especially, hones in on this “defending forward” strategy, where the U.S. will confront threats before they reach U.S. networks.

By giving the government more latitude to conduct proactive and offensive cybersecurity, we could see more funding and resources allocated to these operations as early as next year. Expect more demand for network mapping and reconnaissance, data extraction, firewall tunneling and encryption/decryption tools, just to name a few. I expect most of the funding and demand for offensive cyber tools will be generally confined to U.S. Cyber Command and the intelligence agencies.

Given the advanced cyber threats that are out there, particularly from nation states like China, Russia and North Korea, the cyber realm is seen as a natural extension of national power and deterrence. Those selling to the Department of Defense should take note that the military services will increasingly use cyber to amplify lethality of military operations. Those selling IT tools (not just security) should think about how your solutions help toward that aim.

Homeland Security
The National Cyber Strategy spoke at length about protecting our critical infrastructure. It goes so far as to identify key industries where risk management efforts will be focused: national security, energy and power, banking and finance, health and safety, communications, information technology and transportation. This emphasis continues from previous administrations and demonstrates the government’s commitment to identifying and promoting IT investments necessary to protect our critical infrastructure.

The National Cyber Strategy also reaffirmed the role of the Department of Homeland Security as the central orchestrator for the defense of civilian agency networks. The Strategy directed the civilian agencies to continue transitioning their IT to shared services and for DHS to oversee protection of that shared infrastructure. Each of the civilian agencies will always have a pot of money set aside for security, but we’ll see more and more decisions and budget authority coming out of DHS.

Emerging Technology
Both strategies underscored the importance of next-gen technologies to help address the cyber threats that are out there. Quantum technology was mentioned several times as well as artificial intelligence and next generation infrastructures. If you have solutions and ideas on how to apply emerging technologies to improve our security, most notably in machine learning, hybrid cloud security, blockchain security, encryption and hardware authentication, then you’ll find a receptive audience across government.

Fortunately for IT security vendors and partners, last week’s directives show how the government is all in when it comes to security. There’s a sense of urgency permeating both the National and DOD Cyber Strategy — given the known threats, but also the unknowns. This fall is a critical time for getting in front of program managers and decision makers because October through December is when they begin to shape budget priorities for next year. Show how you can help the government better share threat intelligence, protect its networks, bring the fight to the adversary and take advantage of tomorrow’s technology.

Subscribe to our Government Sales Insider blog to keep up with technology trends in government.

Learn more about what’s happening in the cyber realm at the 5th Annual Government IT Sales Summit, November 15, 2018 in Reston, Virginia.

About Lloyd McCoy Jr.
Lloyd McCoy is a manager on immixGroup’s Market Intelligence organization. He has a M.S. in Strategic Intelligence from the National Intelligence University, a M.A. in Public Policy and a B.A. in Political Science, both from the University of Maryland. Lloyd leads the commercial arm of the Market Intelligence team, leveraging market analysis and purchasing trends to help Arrow’s suppliers and partners shorten their sales cycles. Prior to joining immixGroup, Lloyd was a senior analyst in the Intelligence Community for eight years, serving in a variety of senior analytic and project management positions in the U.S. and abroad.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: