Although the numerous high-profile, damaging data breaches in the past year brought the importance of cybersecurity to the forefront, government agencies are still struggling to develop a proactive approach to securing against cyber threats, according to a new report by MeriTalk, a public-private partnership focused on improving the outcomes of government IT.
In “Go Big Security,” MeriTalk and software provider Splunk Inc., surveyed 302 government cybersecurity professionals from federal, state and local agencies to examine current cybersecurity strategies and help organizations leverage big data for security.
The study found government IT managers estimate cyber threats exist on their networks for an average of 16 days before they are detected. More than three-quarters of respondents say their security team is often reactive instead of proactive.
However, government cyber professionals believe big data analytics can help organizations better detect threats, monitor streams of data in real time, and conduct a conclusive root-cause analysis following a breach. Even so, only one in three say they are prioritizing big data analytics for cybersecurity.
“Government organizations have access to a wealth of cyber threat information,” said Kevin Davis, area vice president, public sector, Splunk. “The challenge is managing that data and connecting the dots in real time. That’s how we get immediate insight into threats. Agencies need to detect threats faster and start to predict when and how they will occur.”
Most agencies are working to improve cybersecurity including by upgrading existing security technologies, deploying network analysis and visibility solutions, investing in advanced skills training for current security personnel, and hiring additional security personnel.
However, only 28 percent of organizations are leveraging big data analytics to connect and correlate information.
Although 86 percent of respondents believe big data analytics would significantly improve their organization’s cyber security, a number of challenges have prevented these agencies from embracing big data analytics.
Government organizations are overwhelmed by the volume of security data they collect, leading many to struggle with managing and analyzing the data. Consequently, 78 percent of data goes unanalyzed. In addition, many agencies are held back from leveraging big data analytics because of a lack of skilled personnel, lack of management support, inability to justify investment, too much data to store, and lack of effective solutions.
Cyber professionals believe they need management support, funding, and training to move to a proactive cyber security strategy. The report recommended that organizations rethink data management, call on big data analytics, and push fora more proactive approach to security through management support, funding, and training.
“Moving from compliance to risk management is a mindset shift,” said Steve O’Keeffe, founder, MeriTalk. “Agencies need to think about ‘big security’ alongside big data. CDOs need to be on the court. Data is the MVP.”