The Public Eye with Eric Chabrow

Take an Early Peek at Our Gov't Infosec Survey

Lack of This, Lack of That Cause Vulnerabilities
Take an Early Peek at Our Gov't Infosec Survey

We're in the midst of fielding our inaugural State of Government Information Security survey for 2011, and though it's too early to share the results, some of the responses already provide insight into how government information security pros see their organizations defend IT

One of the survey questions asks: What poses the greatest threat to the security of your agency's IT systems? We provide eight choices: Configuration errors, exploitable software vulnerabilities, inadequate identity management/authentication, insider threats, malware phishing/spear phishing, poor practices, website vulnerabilities and other, in which respondents furnish their own answers.

(Take the survey.)

The other responses provide additional perspectives into the mindset of some government IT security professionals. The term "lack" appears in about a quarter of the other responses: lack of internal network security, lack of policies, lack of regulation and lack of situational awareness, to name a few. Several respondents don't employ the term "lack," but imply it, lamenting declining budgets and inadequate funding.

Top management also comes under attack, with one respondent complaining about "management's attitude about ignoring security in favor of new toys and unwillingness to spend money on a real meaty security awareness program." Another grumbles: "Top management buying what they want because 'everyone else has it.'" Others gripe about failure to enforce policies, apathy and corruption.

What do you think poses the greatest threat to the security of your agency's IT systems? Let us know. We're keeping the survey open for another week, so if you're involved in any aspect of local, state or federal government IT security, and haven't taken the State of Government Information Security survey, please do so now.



About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.