Cyber threats live on government networks for average of 16 days before they are detected
MeriTalk, an Alexandria, VA-based public-private partnership focused on improving the outcomes of government IT, announced on April 28 the results of its new report, “Go Big Security,” underwritten by Splunk Inc. The study finds that government cyber security professionals estimate that cyber threats exist on their networks for an average of 16 days before they are detected – hiding in plain sight. The good news is that 86 percent say big data analytics will improve cyber security efforts. But, just 28 percent are fully leveraging big data for security purposes today. The report examines the state of cyber security in Federal, state and local government agencies, and identifies steps to empower these organizations to make the shift from compliance to risk management to see better security outcomes.
Government cyber security professionals say big data can help make cyber security risk management more effective and proactive. Today, nine out of 10 respondents say they cannot tell a “complete story” with the cyber security data they receive. As a result, 76 percent of cyber security professionals say their security team often operates reactively rather than proactively.
By leveraging big data and analytics, government cyber security professionals say they could better detect a breach that is in process (61 percent), monitor streams of data in real time (51 percent), and conduct a conclusive root-cause analysis following a breach (49 percent). Yet, just one in three say they are prioritizing big data analytics for cyber security – why’s big data on the bench?
“Government organizations have access to a wealth of cyber threat information,” says Kevin Davis, area vice president, Public Sector, Splunk. “The challenge is managing that data and connecting the dots in real time. That’s how we get immediate insight into threats. Agencies need to detect threats faster and start to predict when and how they will occur.”
There are challenges. Organizations are drowning in data – 68 percent say their organization is overwhelmed by the volume of security data. Forty-five percent of Federal IT managers cite data volume as the biggest challenge when it comes to fully leveraging big data analytics for cyber security, while 54 percent of state and local government IT managers cite lack of resources, specifically skilled personnel. Additionally, 78 percent of all government cyber security professionals say at least some of their security data goes unanalyzed due to a lack of time and/or skill of their team. And, while 70 percent say their organization can monitor streams of cyber data in real time, fewer can analyze it – of the security capabilities identified by respondents, statistical analysis is the weakest area.
“Moving from compliance to risk management is a mindset shift,” says Steve O’Keeffe, founder, MeriTalk. “Agencies need to think about ‘big security’ alongside big data. CDOs need to be on the court. Data is the MVP.”
Government cyber security professionals believe they need management support, funding, and training to move to a more proactive cyber security strategy and leverage security data to the fullest. They are making positive strides: 92 percent are working to improve cyber security by investing in or upgrading existing security technologies (65 percent), deploying network analysis and visibility solutions (51 percent), and investing in training (50 percent).