Security Hazards Federal Agencies
The CDW Government recently published its 2009 Federal Cyber Security Report, which revealed that the severity and number of IT security events across the Department of Defense and the Federal civilian agencies have remained the same or dramatically grew in the course of 2008. What's more, almost a third or about 33% of Federal agencies suffer from a hacking or security breach attempt every day.
The report was compiled via a September survey of over three hundred Federal cyber security professionals. It identifies the different opportunities for improvement, the steps Federal IT experts are taking to battle against Internet hazards, and the different types of agency-based cyber security dangers.
Both civilian and defense IT security agents acknowledged that their respective agency's or network's greatest threat all-in-all comes from outside sources, with the defense agencies addressing that state-sponsored cyber warfare applications and malware as their foremost external cyber security problems.
IT Security Challenges for Federal Agencies
In turn, the civilian agencies consider software problems and independent international online outlaws as their greatest external IT security challenges. Moreover, internal hazards such as loss of computing devices, lax user authentication protocols, and inappropriate web surfing practices continue to leave these departments susceptible to various cyber attacks and exploits.
The survey participants also cite remote-user access, unsuitable online shenanigans by employees, and the malware pandemic as the top cyber security dilemmas they face on a day-to-day basis, and that remote computing difficulties in particular are growing in a far more alarming rate when compared to the two other predicaments.
Most Federal IT security professionals on the front lines of this cyber war has responded to the growing problems facing networks to date by significantly improving their network access and patch management control, end-user education, user authentication, encryption, network monitoring, and intrusion prevention during the last year. However, only half of these respondents agree that they have a sufficient budget to meet their daily IT security requirements.
To better address these cyber security woes, the aforementioned agencies have decided to take a more comprehensive approach when protecting their networks, databases, and digital installations. Because most exploits and online threats root from avoidable end-user mistakes, a whopping eight-two percent of the agencies are going to offer obligatory end-user training sessions on different IT security protocols, rulings, and policies. About seventy-one percent of them sport intrusion detection and prevention measures, while eight-one percent have a comprehensive Internet firewall suite.