The bottom two – the insider threat and mobile devices – remain the most difficult cyber challenges. “Mobile is the threat category with the lowest readiness percentage,” said Cynthia Poole of Market Connections, a firm that helped conduct the research. “This reflects how quickly mobile computing is overtaking established safeguards, mechanisms and techniques that are out there.”
According to the survey, while nearly 75% said they have already invested heavily in cyber-security initiatives, only 36% say the same for mobile device security; thus, the area is still emerging.
Embracing the cloud
Perhaps the most interesting part of the survey regarded what National Institute of Standards and Technology (NIST) senior computer scientist Tim Grance called “transformational technologies” – whose appeal is the potential reduction of costs. Today, the cloud and “big data” appear to be those technologies.
“These transformational technologies pose very profound challenges, they can solve problems and create others at the same time,” Grance said.
Still, much like their private-sector counterparts, 63% of the respondents cited security or privacy as the top challenge to using the cloud. Despite the benefits, just 26% cited the cloud as a high priority at this time. The top three cited benefits were:
- Easy and flexible access and usability;
- Cost savings; and
- Added infrastructure efficiency.
That said, the overall degree of understanding of how the cloud can benefit IT security efforts is increasing at a breakneck pace. “Back in 2011, this study saw that many IT professionals in the government expressed concern about cyber security in the cloud,” Poole said. “This was in part because they did not know enough about the working security under different cloud models to protect sensitive information.” Those who identified themselves as well-versed in IT security knowledge and understanding of the cloud expanded from 24% in 2011 to 41% today.
Cloud model preference remained steady this year, with the majority of respondents choosing private agency or Federal community cloud infrastructures; however, even the public cloud model has gained a bit of traction in 2012.
To learn more about the survey, please visit: http://www.lockheedmartin.com/content/dam/lockheed/data/isgs/documents/LM-Cyber-Security-Transformational-Technologies.pdf
More information on the Lockheed Martin Cyber Security Alliance can be found here: http://www.lockheedmartin.com/us/what-we-do/information-technology/cyber-security/cyber-security-alliance.html