The recent cyber attack on the U.S. Office of Personnel Management (OPM) drew attention to deficiencies in the federal government’s approach to safeguarding data and a recent survey indicates that public agencies at every level grapple with this problem.
Government cybersecurity experts at the state and federal levels struggle to detect and analyze digital threats, with most respondents to a recent MeriTalk survey saying they can only identify threats on their systems after an average of 16 days.
The survey of 302 federal, state, and local agency employees revealed that priorities and problems differ between agencies. Federal cyber professionals worry more about the volume of data, as well as how to properly leverage Big Data analytics to stay ahead of threats. State officials more frequently run into budget constraints when trying to allocate resources to cybersecurity measures.
Understanding the implications of the cyber threat data presents a bigger problem than monitoring it, according to 70 percent of survey respondents. For MeriTalk, which is a public-private partnership aimed at improving government cybersecurity, this indicates that some important capabilities in terms of analysis are missing for most government organizations. In addition, 76 percent of respondents feel their cyber teams end up being reactive rather than proactive.
However, 65 percent reported that they are actively upgrading and investing in existing technology to improve security, while about half said they were both adding new analysis solutions and launching advanced training for existing security personnel. Just 31 percent said they planned to add new security staffers. Taken with responses indicating that 54 percent of state agencies and 41 percent of federal agencies feel they lack the skilled personnel to battle cyber threats, this last point could promise future trouble.
MeriTalk emphasized the usefulness of data analytics to more fully understand and correlate information collected by cyber professionals. The report showed more success on this point on the federal side (41 percent) than the state side (29 percent) but overall, just 28 percent of respondent use Big Data analytics to “connect and correlate” the information they collect. A much larger percentage (86 percent) felt that Big Data would ultimately transform their approach to cybersecurity, allowing for better breach detection, real-time data monitoring, vulnerability scans, and observing third-party applications in use by employees.
Analysis, according to the report, allows an organization not only to understand that a cyber event occurred but why it occurred – in order to prevent it from happening again. Federal and state officials, however, are only successful about half the time (49 percent) in actually effectively analyzing on their own the cause of events.