National Cybersecurity State Policy Leadership
Author: DXC Technology
While the sophistication of cyberthreats facing our governments grows every day, traditional thinking about how government information security leaders should fight that challenge is evolving. To learn more, download the full paper.
Cybersecurity can be a complex and bewildering topic for policy makers not used to working
within the technology industry daily. However, by applying well recognized risk management
principles commonly used in other security domains and comparing the approach to dealing with other predatory and adaptive threats, a clearer picture emerges.
Simply put, no single countermeasure is effective against every threat, and cybersecurity becomes a matter of placing priorities based on applications, systems and networks that will have the highest likelihood of impacting delivery of critical services to citizens.
Managing Risk in the Cyber World
A white paper by DXC Technology, National Cybersecurity State Policy Leadership, recommends that government agencies focus their efforts on three areas of actions:
1. Make the enhancement of cybersecurity in states a legislative priority. A resilient and safe cyberspace is a national priority worthy of equal attention and consideration at both the state and federal levels, and similar legislation structured for state interest is critical.
2. Increase funding for modernization and transformation of IT and cybersecurity. State IT budgets need to keep up with growing cyberthreats to ensure that critical services continue to be available and trustworthy for citizens.
3. Encourage the adoption of a consistent security/risk management framework. A consistent risk management-driven approach to security, underpinned by federal law, ensures that agencies move toward the difficult challenges in an aligned manner using common taxonomies and standards.
This paper can help you gain insights into how government entities can deal with increased cybersecurity risks. Among the insightful observations put forth in the paper:
- There is a lack of comprehensive risk management frameworks and strategies.
- Organizations have low situational awareness and enterprise security visibility.
- There are many deficiencies in cyber workforce management.
- Legacy applications are especially vulnerable to cyberthreats.
- Improved enterprise credentialing and identity management strategies are essential.
Managing cybersecurity risk is crucial for all enterprises, especially government agencies. To learn more, download the full paper.