Cyber threats continue to rise for the federal government. As potential attackers develop new ways to inflict infrastructure and federal systems, security professionals need to continue to stay one step ahead of the attackers. With increasing uses of cloud and collaborative technologies, new interconnected systems provide a fertile ground for potential attackers.
With government officials using numerous devices to connect, such as smart phones, laptops, and computers, sometimes for mix use at home and at work, providing the proper security and developing the right infrastructure is a challenge for government and industry.
With all the increasing threats for security, a recent GAO report finds that security incidents have been on the rise, increasing over 650 percent in the past two years. The failure to protect government wide systems can lead to the loss of millions of dollars, intellectual property and disperse classified information.
In a report published by GAO in October of 2011, the most common kinds of threats over the past five years where:
- Unauthorized access (14%)
- Denial of Service (1%)
- Malicious Code (30%)
- Improper Usage (18%)
- Scans/probes/attempted access (11%)
- Unconfirmed incidents under investigation (26%)
Agencies are rapidly adapting and implementing protocols to decrease cyber incidents. GAO has issue a couple of reports in the last few months concern cybersecurity and providing recommendations for further action. Early in his term, President Obama initiated 10 near term action points to support cyber security challenges. President Obama’s near term actions included:
Near Term Actions
The President’s Cyberspace Policy Review identifies 10 near term actions to support our cybersecurity strategy:
- Appoint a cybersecurity policy official responsible for coordinating the Nation’s cybersecurity policies and activities.
- Prepare for the President’s approval an updated national strategy to secure the information and communications infrastructure.
- Designate cybersecurity as one of the President’s key management priorities and establish performance metrics
- Designate a privacy and civil liberties official to the NSC cybersecurity directorate.
- Conduct interagency-cleared legal analyses of priority cybersecurity-related issues.
- Initiate a national awareness and education campaign to promote cybersecurity.
- Develop an international cybersecurity policy framework and strengthen our international partnerships.
- Prepare a cybersecurity incident response plan and initiate a dialog to enhance public-private partnerships.
- Develop a framework for research and development strategies that focus on game-changing technologies that have the potential to enhance the security, reliability, resilience, and trustworthiness of digital infrastructure.
- Build a cybersecurity-based identity management vision and strategy, leveraging privacy-enhancing technologies for the Nation.
The ten initiatives are certainty great ideas, but I would be interested to hear where the federal government stands on implementation of Obama’s near term initiatives. The tension becomes, how do agencies expand technological while making the proper security advancements? As agencies look to leverage technology to help meet organizational needs, security should be one of the key points of discussion.
Where do we stand with Obama’s near term initiatives? What are you cybersecurity challenges?
This post is brought to you by the GovLoop Technology Solutions Council. The mission of this council is to provide you with information and resources to help improve government. Visit the GovLoop Technology Solutions Council to learn more.