OPINION

Achieving federal security goes beyond technology

Security is currently the number one challenge that business and government face. The ability to keep sensitive data safe and out of the hands of hackers is important for everything from patent protection to brand loyalty to national security. Just look at what happened at OPM.

The technology at our disposal to keep this sensitive information safe and secure has improved exponentially in the past decade. Due to technological advances and a greater understanding of potential vulnerabilities, we’ve become smarter, more agile and better equipped to handle threats. 

But, security doesn’t begin, or end, with technology. It’s about people, principles and practices that set up, control and interpret what the technology does. Enhancing this human element of security is what will keep us safe.

Connection Moves the Perimeter

In the past, the thought of every employee supplying his or her own phone or laptop would have been laughable. Machines were hardwired to a specific desk, accessed by a password inside a room accessed by a keycard, inside a guarded building. 

Fast-forward to today and we’ve all gone mobile or moved into the cloud. Bring your own device (BYOD) is commonplace and employees are doing job-related and personal work on the same machines. 

As the world has become more interconnected, the security perimeter is now everywhere. As a result, constructing a firewall around your data center is no longer sufficient. Every employee, not just IT or security professionals, is responsible for security. They must be trained in proper practices and be given the tools to prevent what they can and report anything suspicious.

It’s Not Just About You Anymore

Part of the reason that every employee must be responsible for security is that it’s not just your information that’s at risk. It’s damaging enough to have your business’ or agency’s information hacked. It’s near catastrophic if that data, as it so often does, includes end users’ personally identifiable data, or information that poses a threat to our national security.

This is often what the data hackers seek. Medical records, tax returns, SSNs, credit card numbers or even user passwords are stolen and sold on the black market. This affects millions of people around the world.

We have technology that can help stop these intrusions. But, we need professionals who can spot them and act to stop them in real time. The security solutions that we create aren’t effective unless they are properly interpreted.

Did that increase in traffic come from a potential denial of service attack or did your company just launch a new, popular product? Are those suspicious international log-ins malicious or did your agency just send a diplomatic envoy overseas? These are the questions that well-trained people are in the best position to answer.

Intelligent Intelligence

While security threats affect us all, too often we deal with them in a bubble. The fear, or shame, of being perceived as weak on security stops many companies and government agencies from sharing threat information with others.

In order to protect us all, this must change. There must be a greater willingness to listen and share best practices, collaborate on new and better approaches and models for security technology and an actively exchange potential threat information.

This crosses private/public boundaries. Enterprises are the primary drivers and innovators of security technology. The government and intelligence agencies have superior insight into emerging international cyber threats, especially those that are state-sponsored. The interplay of these two elements, the technology and the human intelligence, is the key to creating and maintaining a proactive security strategy, regardless of the organization. 

Security isn’t a discipline where you can just deploy hardware or software and let it go. You have to know how to use, monitor and extrapolate the data solutions create. It’s not a problem you can just throw money at. You have to work at it.

This is why we all need to invest in a holistic approach to security. Anything less leaves you and your end users vulnerable. The more connected we are, the more those vulnerabilities will impact us all. Now is the time to change our thinking and adopt a security frame of mind.

About the Author

Mike Greaney is Force 3's Chief Executive Officer. Having spent his entire career in the technology industry, Mike has built a reputation for efficiently growing and transforming businesses while increasing company value.

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.