It's a pretty commonly held fact in the cybersecurity community that older systems are generally easier to exploit compared to newer ones. A lot of this has to do with the fact that hackers have simply had a lot of time to tool around with them, and therefore know where the vulnerabilities are. This is especially true for the U.S. government's aging IT infrastructure.
In an effort to mitigate these risks, the Obama Administration is looking to get $3.1 billion for a fund dedicated to updating these old federal IT systems, according to TechNewsWorld. Although this plan might drastically change depending on who wins the 2016 election, increasing America's cybersecurity capabilities is always important.
The infrastructure is the start of the problems…
This $3.1 billion fund is set to be part of a much larger $19 billion cybersecurity overhaul slated for the projected 2017 budget. Many within the government have begun to realize the importance of national data security, which means this money will need to be spent wisely. That said, it's hard to put a price on cybersecurity defenses. In fact, the administrator of the General Services Administration Denise Turner Roth spoke of the importance of security in a House Appropriations Committee hearing.
"The continued and pervasive use of legacy IT systems by federal agencies results in increased cybersecurity risks to federal IT systems, downgraded service for the American people and businesses, increased personnel costs, and missed opportunities," she said.
The current governmental IT infrastructure is clearly endangering sensitive information while also holding agencies back from their full potential. Thankfully, the new bill should help to mitigate these risks, with an added bonus. The Obama Administration believes that this initial $3.1 billion will help agencies solve problems with inefficiencies.
This should allow them to generate more money than they're used to. Experts have added these projected savings up to $12 billion, which will be reimbursed to the original fund and used to continue upgrades. In the end, the government very well could end up saving exponentially more than they spent here.
…but there's more to it than that
Although infrastructure is a great place to start, it isn't the only problem the government needs to deal with. Another issue is the fact that cybersecurity professionals are in high demand, while also being in short supply. A recent report from Cisco found that there are more than 1 million open cybersecurity positions all over the world. What's more, a survey of more than 1,800 federal cybersecurity workers by the International Information System Security Certification Consortium found that this problem is even worse within government agencies.
The survey found that 70 percent of respondents said that their department's lackluster cybersecurity defenses stemmed from the fact that they didn't have enough "qualified security professionals within the federal government." Security professionals are hard to find within the private sector, and it would appear this difficulty is exponentially multiplied within the government.
Infrastructure improvements are obviously needed, but they aren't the only place the government should be focusing. With the ever present risk of a cyberattack on the horizon, bringing in fresh, qualified talent should be of the highest priority for government agencies.