Throughout the federal government, agencies are spending more time and money than ever to limit their exposure to cyberthreats. Here’s a checklist of steps IT leaders can take to bolster their organization’s security and avoid unwanted breaches:
1. Coordinate your goals. “This is no time for silos and bureaucracies,” says Avivah Litan, vice president and distinguished analyst for Gartner Research. “You need to get your organizations and processes aligned around security.”
2. Secure your users. You’re only as secure as your weakest link: the users whose access may be compromised by an attacker. Cybertraining, exercises, and drills need to receive high priority, says former U.S. CISO Gregory Touhill.
3. Value your information assets. Understand that information has value, and align your protective measures based on the risks to your most important data, Touhill says.
4. Invest wisely. When modernizing security infrastructure, don’t be fooled by vendors who promise they can solve every problem, Litan adds. “Make sure you can manage any technology you procure on your own, without becoming dependent on any vendor.”
5. Get management buy-in. “Make sure you get a high-level commitment to security,” says Jeff Eisensmith, CISO for the Homeland Security department. “When there’s competition between a shiny new thing and a brown gooey thing called infrastructure, you want to make sure the brown gooey thing wins.”
For more on how feds can enhance cybersecurity, check out "Want to Stop a Cyberattack? Try a Fake Phishing Scam to Train Your Employees."