Feds more confident in agency security
- By David Hubler
- Nov 13, 2006
Federal decision-makers seem to be more confident about their agencies' security than they were two years ago, according to a survey released today by Cisco Systems.
The new survey found that decision-makers, especially those in the defense sector, were spending more time on mandated security requirements than they did last year. They report, however, that funding remains the biggest barrier to improving security capabilities.
Another change this year is that most respondents now give more importance to linking budgets to program performance, the report states.
The survey, a follow-up to one conducted in November 2005, polled federal information technology decision-makers from more than 45 civilian and military agencies involved in network security solutions.
Nearly half the respondents said they believe software automation tools will address most of their agencies' security issues in the future. Moreover, a large majority said the automation tools will handle network intrusion detection, firewalls and server security.
'Agency staff tasked with security issues are spending more time dealing with mandated security requirements than they did a year ago,' said Aaron Heffron, vice president of Market Connections, which conducted the survey for Cisco.
'Staffing levels and training have not yet caught up with the needs in many security areas,' he said in a statement. 'However, the survey revealed that many respondents hope that automation and technologies will help fill the gap.'
'Security continues to demand more management attention, including linking security investments to the business objectives and strategies of an agency,' said Bruce Klein, vice president of federal operations at Cisco.
The survey found that most respondents were aware of their agencies' Federal Information Security Management Act compliance efforts. Nearly half of those involved in compliance report spending at least a quarter of their time on FISMA issues.
Management and workforce issues ranked as top challenges, the survey found. Those issues included management awareness, employee/management participation, a lack of personnel and training, and collaboration with management to resolve those issues.
Also among the top-ranked issues were achieving green status in every category of the President's Management Agenda, improving security grades on the Government Accountability Office score card and reaching total FISMA compliance.
Although most respondents said their agencies have a permanent chief information security officer, they were most likely to lose sleep because of the possibility of reduced operations and security breaches, the survey found.
In addition, a large majority said they expect to complete their Homeland Security Presidential Directive-12 requirements on time.
David Hubler is the former print managing editor for GCN and senior editor for Washington Technology. He is freelance writer living in Annandale, Va.