Is Federal Cyber Security Up to Par?

Elected officials meet with federal IT leaders at MeriTalk’s Cyber Security Exchange event.

Capitol Building

The elected officials and the panel of government IT and private industry leaders at the MeriTalk Cyber Security Exchange event agreed that the state of government cyber security is lacking. Years of stovepiping and saying no to technology have buried the federal government under a disarray of legislation, hardware and software that must be modernized to cut costs and improve efficiency.

Senator Tom Carper (D-Del.) addressed the issue while welcoming the audience to the Capitol Visitor Center. "It is important to pass cyber security legislation this year,” he noted. In addition, he emphasized the importance of closing 1,200 federal data centers by 2015 as mandated by federal CIO Steven VanRoekel.

Senator Tom Carper

Senator Scott Brown

Senator Tom Carper of Delaware (left) and Senator Scott Brown of Massachusetts (right).

When asked how to improve the situation, John Streufert, Director of the National Cyber Security Division at the Homeland Security Department, presented three priorities that he felt should be addressed right away:

  1. Implement continuous monitoring in the cloud and FedRAMP.
  2. Adapt Trusted Internet Connection rules to the cloud.
  3. Strengthen metrics to ensure accurate data, analysis and action.

When asked the same question, David McClure of the General Services Administration stated that he believes our federal security paradigm is outdated. Because every new technology solves some problems and creates other, the government cannot afford to say no to new technology. Instead, agencies should accept that the process of implementing new technology is continuous and create policies with that in mind. On the topic of cloud computing, McClure said, “We can’t move from legacy systems to the cloud overnight,” and he suggested that a rich hybrid environment would likely be the best approach.

But perhaps the most intriguing panelist was Bill Hickox, chief operating officer of the Delaware Department of Technology and Information. His agency is taking one of the most progressive stances on bring your own device — better known as BYOD — in the government. “Not only do we allow it, we embrace,” he said. So far, they have been able to decrease the number of government-owned devices by 20 percent and have lowered their wireless costs by 18 percent, a net figure that includes the stipend they pay to employees who use their own devices for work. Proper network security, authentication protocols and access points should be able to keep employees and agencies safe from cyber security breaches.

For more news on cyber security, cloud computing, BYOD and other federal IT news, follow FedTech Magazine on Twitter.

<p>Photo by <a href="http://jimmydalyphotography.com/" target="_blank">Jimmy Daly</a></p>
Jun 27 2012