In this edition of the SecurityIntelligence industry podcast series, Ian Doyle, business unit executive for cybersecurity strategy and growth initiatives at IBM, joins host Bill Venteicher to break down the challenges policy makers and decision makers are facing in federal cybersecurity.
The Threat Landscape Is Outpacing Federal Cybersecurity
When it comes to cybersecurity, there’s a lot for government agencies to keep an eye on. According to the U.S. Government Accountability Office (GAO), the number of security incidents affecting governments systems over the past decade ballooned from around 5,500 per year in 2006 to more than 77,000 per year as of 2015 — an increase of roughly 1,300 percent.
In May 2018, the U.S. Department of Homeland Security (DHS) released its new cybersecurity strategy to help combat the growing threat of cyberattacks. Doyle puts it simply: For federal agencies, every cyberthreat is credible — and improving data security should therefore be a top priority.
On September 18, as this podcast was being prepared for release, the Department of Defense issued its first cybersecurity strategy since 2015, followed by the White House release of a new comprehensive National Cyber Strategy two days later, further defining steps to strengthen cybersecurity countermeasures, and secure the infrastructure and data across all government agencies. Since the rescinding of Presidential Policy Directive 20 in August, and now with new guidance, all reports are pointing to a leap forward in policy specifically supporting agencies moving toward a more pro-active offensive approach to cyber security by federal agencies and the military.
3 Key Challenges Facing Federal Agencies
According to Doyle, security leaders in the federal government often encounter three key challenges when attempting to transform their cybersecurity operations:
- Lack of resources, including technology, IT professionals and money.
- Slow acquisitions, because the necessary due diligence, vetting and bidding means that even critical security upgrades could take 12–18 months.
- Reactionary processes. Since events, alerts and issues are solved in a reactionary manner today, it’s often difficult for agencies to get ahead of emerging threats.
To complicate these challenges, government agencies, even more than enterprises, are struggling to attract and retain top-tier IT talent. As Doyle notes, the widening skills gap, combined with a surplus of private sector jobs with better pay scales than their federal counterparts, makes recruitment a big challenge for any agency. While government positions offer unique advantages — such as a fulfilling mission of protecting and serving the country and improving federal operations — many agencies are now looking to industry leaders like IBM for augmented intelligence and orchestration solutions designed to empower existing staff.
What’s Next for Federal Cybersecurity?
In his conversations with government agencies, Doyle found that the five pillars of the DHS’ approach to cybersecurity — risk identification, vulnerability reduction, threat reduction, consequence mitigation and enabling cybersecurity outcomes — align well with agency objectives.
But how can agencies implement better cybersecurity practices over the long term? Doyle points to tools such as the DHS’ Continuous Diagnostics and Mitigation (CDM) program for civilian agencies, the rise of federal cyber schools to help train the next generation of security leaders, and the use of third-party providers offering artificial intelligence (AI) and threat solutions that do more than just check the box for security compliance.
If you enjoyed listening, please consider rating the podcast or leaving your feedback on iTunes or wherever you listen.