Security Worries Leave Federal IT Personnel Sleep Deprived
More than half of the agency officials queried were concerned about bots and spyware, security breaches, and inadequately trained users.
Working to improve network security doesn't ease security concerns, at least among government officials.
Federal IT decision makers are more concerned about security than in previous years, even after spending more time attending to security than in the past, according to a survey of 200 agency officials.
Things are so bad that half of the federal respondents claim they're not getting any sleep.
Bots and spyware lead the list of network security worries cited by those surveyed.
Asked, "On a scale of one to five, where one is 'sleep like a baby' and five is 'do not sleep a wink,' to what extent do the following security issues or concerns keep you up at night?", the percentage respondents answering with a four or five -- which more or less qualifies as insomnia -- was as follows: bots and spyware (56%), reduced operation and service delivery due to security breach (55%), inadequately trained and unconcerned users (53%), loss of privacy of employee data due to security breach (51%), loss of privacy of citizen data due to security breach (50%).
Such fretting comes as 65% said they spent more time on mandated security requirements this year than they did a year ago. With only 51% saying they feel more secure than they did three years ago, there appears to be a disconnect between working toward security and feeling secure.
Defense respondents tended to be less confident about security than their civilian counterparts, according to the report.
While 58% of respondents said they expected Internet Protocol Version 6 (IPv6) to help their agencies' security architecture, only 35% said their agency had developed an IPv6 security architecture. Forty-nine percent said they didn't know whether their agency had such plans.
Forty-three percent of respondents said they had high priority concerns about Web 2.0 functions -- social networking, file sharing, remote access, and application compatibility -- on their networks.
Among the top barriers to making things more secure, respondents cited funding (67%), adequate training (55%), and existing security architecture (55%). The trouble with existing network architecture is that security isn't integrated. Eighty-two percent of respondents said that embedded security is critical.
The survey was created and fielded by the e-Gov Institute, and interpreted by Market Connections, Inc. on behalf of Cisco Systems, which released the results. Cisco makes network security products. As is common among vendor-backed studies, the survey tends to underscore the need for the sponsor's products.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.