In spite of enhanced efforts to implement better cyber security, federal agencies continue to succumb to cyber attacks. Cyber attacks targeting federal agencies’ systems and websites, and reports of network security incidents at federal agencies have soared 650 percent during the past half-decade, jeopardizing the confidentiality and integrity of sensitive government information.
The defense department and agencies like FBI and DOJ, in particular, have been prime targets for hackers. Last month, the hacker group Anonymous, in what it called its largest operation to date, attacked the websites of the Justice Department, the FBI, the White House and several entertainment industry companies on Jan. 19, after the FBI had indicted principals of the popular file-sharing site Megaupload and shut down the site earlier in the day.
It is no surprise that cyber security has become an increasingly urgent issue for federal agencies, with hackers and nation-states infiltrating the systems to extract sensitive information and data. One of the primary reasons agency computers are vulnerable to contamination is departments have failed to implement proper security controls. Besides, agencies do not always adequately train personnel responsible for system security, regularly monitor safeguards, successfully fix vulnerabilities or resolve incidents in a timely fashion.
Complete security cannot be obtained just by technology. Of course, you need to have “the right technology in the right places” coupled with an educated, well-trained workforce and proper policies, processes, governance, and culture.
Also, one of the keys to ensuring that infrastructure and data is protected from vulnerabilities is by employing a continuous monitoring approach. Continuous monitoring is essential for protecting all elements of today’s operations. Continuous monitoring should be employed at a minimum for change management and vulnerability assessments. Almost all security issues can be identified and mitigated by simply detecting change in an environment.
The United States must encourage cyber security competence across the nation and build an agile, highly skilled workforce capable of responding to a dynamic and rapidly developing array of threats.
Let me hear your thoughts. To know more about federal technology trends, you can follow me on Twitter at @FedTrends