Security Top Concern Of Federal CIOs

CIOs at federal agencies want better advance planning and new metrics for security monitoring as they deal with growing internal and external threats.

Dark Reading Staff, Dark Reading

May 7, 2012

3 Min Read

Defense Robots: Fast, Flexible, And Tough

Defense Robots: Fast, Flexible, And Tough

Defense Robots: Fast, Flexible, And Tough (click image for larger view and for slideshow)

Cybersecurity is the leading concern among federal agency CIOs, followed by controlling costs and managing human capital, according a survey released last week by TechAmerica, a tech industry group.

TechAmerica interviewed 40 CIOs and other federal IT leaders, from agencies including the Department of Defense, Homeland Security, and Veterans Affairs. Twenty percent identified cybersecurity as their top concern, followed by 15% who pointed to controlling costs, and 12% human capital.

Survey respondents told TechAmerica that, while most of their security resources are directed toward outside threats, internal threats are a growing concern. At the same time, TechAmerica said outside threats are on the rise and becoming more sophisticated.

The preoccupation with cybersecurity is consistent with InformationWeek's own survey findings. IT security and cybersecurity ranked as the No. 1 priority in InformationWeek's 2011 Federal Government IT Priorities Survey, with 69% of survey respondents viewing it as "extremely important."

[ Learn how to do more with less. Read 10 Lessons From Leading Government CIOs. ]

One CIO surveyed by TechAmerica said IT security is inconsistently applied in federal government and quality is "all over the place." A consequence of such concerns is that agencies are unwilling to embrace federal IT goals for centralization and mobility, according to TechAmerica. Concerns would be lessened by a consistent, high-quality security framework applied across government.

Survey respondents recommended that agencies identify which department "owns" security; that they plan ahead and build infrastructure with security in mind; and that the government develop sound metrics for security monitoring.

Cost control was the second most-mentioned concern of federal CIOs, a reflection of flat IT budgets over the past three years. Some said that budget discipline has driven changes such as dropping unused software licenses and adopting thin-client hardware. However, across-the-board budget cuts were deemed the "most feasible and least effective way" to control costs.

George DelPrete, a partner with Grant Thornton, which helped conduct the survey, warned that OMB's strategy of encouraging federal IT teams to be more innovative as a way of stretching their budgets may not be enough to meet all of the challenges and objectives they face. "Survey respondents agree that budget cuts can spur innovation, but there are limits to what scarcity can do," DelPrete said. "Further, there is no guarantee that cost-cutting solutions will meet government-wide needs or even make sound business sense."

In terms of managing human capital, 70% of survey participants said their staffing levels had been affected by budget cuts. More than half (52%) didn't have a plan to replace baby-boomer senior executives.

Central agency policy ranked fourth among the top concerns of federal CIOs. Respondents gave the Office of Management and Budget's 2010 IT Management Reform Plan a C grade. CIOs view the plan as a good start, but not an end in itself.

Mobility ranked fifth on the list of concerns, with device ownership, access, and security among the issues to be addressed.

Hacktivist and cybercriminal threats concern IT teams most, our first Federal Government Cybersecurity Survey reveals. Here's how they're fighting back. Also in the new, all-digital Top Federal IT Threats issue of InformqtionWeek Government: Why federal efforts to cut IT costs don't go far enough, and how the State Department is enhancing security. (Free registration required.)

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights