Forget haunted houses, tacky Halloween costumes, and increasingly vitriolic campaign rhetoric. What’s scaring us the most this October? Cybersecurity threats – particularly those against the federal government.
Nearly every aspect of our modern lives is increasingly dependent on information technology systems and networks. Evolving cyber threats to our federal information systems have the potential to cause widespread power blackouts, put high-speed trains on collision courses, and compromise U.S. military intelligence, to name just a few frightening scenarios.
What’s worse, the threats are increasing in both sophistication and frequency. Cyber threats to civilian government agencies quadrupled between 2006 and 2009, and Defense Departments reported 70,000 computer attacks per day in 2008. The increasing use of mobile devices, including smartphones and tablets, is also a factor – providing an unprecedented number of susceptible endpoints for hackers to infiltrate.
The U.S. Government Accountability Office (GAO) found in its August 2012 report that “18 of 24 major federal agencies have reported inadequate information security controls,” and “inspectors general at 22 of these agencies identified information security as a major management challenge for their agency.” And in its September 2012 report on mobile security, GAO found that malware aimed at mobile devices alone has risen 185% in less than a year. Talk about scary.
Understanding the gravity of the situation, the government has declared cybersecurity as one of our most important national security priorities (see video above and last week’s AOL Gov report). Congress considered, but could not come to an agreement on, legislation in the House and Senate this summer to address the growing cybersecurity threat. The White House, itself a recent victim of a cyber attack, is preparing an executive order to address the issue – and officially proclaimed October to be National Cyber Security Awareness month.
So, beyond being aware, what can agencies do to improve security and increase resilience in light of emerging threats? Kurt Roemer, Chief Security Strategist for Citrix Systems, notes that desktop virtualization can create a more secure environment by keeping sensitive information in the data center as opposed to distributing it. Virtualization also gives IT the ability to centralize enterprise applications and data and deliver them securely to any device. An Enterprise Mobility Management (EMM) strategy also helps to protect government applications and confidential data on mobile devices while enabling secure collaboration on Web- and Windows-based applications.
In moving beyond haunted houses to haunted enterprises, don’t worry about spider webs – focus on the threats spinning around the World Wide Web. The IT industry serves as a modern-day Ghostbusters to offer guidance and best practices for ensuring that information systems are protected. As industry and government work together, we will become stronger in mitigating the vulnerabilities of today and the risks of the future.
Tom Simmons, Area Vice President of Public Sector for Citrix Systems, is available at email@example.com.