October 23rd 2013
Federal agencies are under just as much pressure to implement robust data protection programs as businesses in the private sector. This is because government agencies and other public organizations are also responsible for maintaining highly sensitive information on customers and partners. If decision-makers let those resources fall into the wrong hands, cybercriminals could have access to countless confidential records.
Unfortunately, many federal agencies do not follow best practices when developing cybersecurity initiatives. This was highlighted in a recent Akamai Technologies-sponsored MeriTalk survey, which found that many IT departments in the public sector do not align their data protection initiatives with the experiences that workers actually encounter. This means that most projects are either irrelevant or ineffective at safeguarding sensitive information.
Denial-of-service attacks, hackers and other threats are just as real for federal agencies as they are to corporate companies. To combat these challenges, executives need to collaborate with employees to get a better picture of what is happening, said Tom Ruff, vice president of the public sector division at Akamai.
"More security rules, more security tasks and more security delays have done little to drive more user buy-in for cybersecurity," Ruff asserted. "Without question, federal cybersecurity pros have a tough job, but they must start working with end users as partners instead of adversaries. It is a team game and better support for users will deliver better results for security."
How to build a comprehensive security plan
Collaboration between separate parties inside and outside of the organization is vital to constructing a robust and effective information protection strategy. After all, if decision-makers are unsure what employees are encountering on a daily basis, how are they supposed to know which security tools are the most effective at combating their organization's unique risks?
Collaborating with end users has become even more important today, as cloud computing solutions and mobile devices gain popularity among workers. The rapid democratization of IT has enabled individuals to launch their own cloud services and utilize personal smartphones, laptops and other devices from virtually anywhere, often without the permission of the IT department. This means that decision-makers may not know the risks that employees face or the vulnerabilities those people may introduce accidentally or maliciously.
In general, security programs cannot be placed on the shoulders of one person, as the burden is simply too heavy. For this reason, working together and even bringing in an outside organization, such as a managed security service provider (MSSP), can help. MSSPs can be highly advantageous for companies today, especially those that are not experienced handling the risk landscape, as they are often more familiar with common threats and the means to mitigate them.
Cybersecurity programs are a crucial aspect of ongoing operations, as lacking these initiatives will put a damper in continuity programs, impairing long-term growth and revenue streams. By planning ahead, working together and bringing in outside help, organizations of all sizes in the public and private sectors can improve their ability to combat risk.
Articles from Larry Keating's (CEO, NPC) guest blog on the Huffington Post Business pages