Security Worries Leave Federal IT Personnel Sleep Deprived
More than half of the agency officials queried were concerned about bots and spyware, security breaches, and inadequately trained users.
Working to improve network security doesn't ease security concerns, at least among government officials.
Federal IT decision makers are more concerned about security than in previous years, even after spending more time attending to security than in the past, according to a survey of 200 agency officials.
Things are so bad that half of the federal respondents claim they're not getting any sleep.
Bots and spyware lead the list of network security worries cited by those surveyed.
Asked, "On a scale of one to five, where one is 'sleep like a baby' and five is 'do not sleep a wink,' to what extent do the following security issues or concerns keep you up at night?", the percentage respondents answering with a four or five -- which more or less qualifies as insomnia -- was as follows: bots and spyware (56%), reduced operation and service delivery due to security breach (55%), inadequately trained and unconcerned users (53%), loss of privacy of employee data due to security breach (51%), loss of privacy of citizen data due to security breach (50%).
Such fretting comes as 65% said they spent more time on mandated security requirements this year than they did a year ago. With only 51% saying they feel more secure than they did three years ago, there appears to be a disconnect between working toward security and feeling secure.
Defense respondents tended to be less confident about security than their civilian counterparts, according to the report.
While 58% of respondents said they expected Internet Protocol Version 6 (IPv6) to help their agencies' security architecture, only 35% said their agency had developed an IPv6 security architecture. Forty-nine percent said they didn't know whether their agency had such plans.
Forty-three percent of respondents said they had high priority concerns about Web 2.0 functions -- social networking, file sharing, remote access, and application compatibility -- on their networks.
Among the top barriers to making things more secure, respondents cited funding (67%), adequate training (55%), and existing security architecture (55%). The trouble with existing network architecture is that security isn't integrated. Eighty-two percent of respondents said that embedded security is critical.
The survey was created and fielded by the e-Gov Institute, and interpreted by Market Connections, Inc. on behalf of Cisco Systems, which released the results. Cisco makes network security products. As is common among vendor-backed studies, the survey tends to underscore the need for the sponsor's products.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.