After years of the public and private sectors having listened to the nearly constant cyber threat warnings issued by military and government officials, as well as industry experts, over the past few years, addressing the threats posed to our systems by cyber attacks is now appropriately considered as a work-in-process.
There are some signs that the private sector might be moving to address the new heightened level of cyber security threats, however.
Industry analysts at Gartner revised up their 2nd quarter 2012 dollar growth forecast from 2.5% last quarter to 3.0% for overall global IT spending in 2012.
The question is: Is this increase in attention enough?
Only time will tell! But these actions have mainly focused on acquiring hardware and software for cyber defense and some outside expertise. It was hardly a programmatic approach that this threat should have had.
Today out of necessity, organizations are beginning to move to a state-of-practice where near-real-time cyber threat intelligence and detection is the norm in both the public and private sector.
Many managers and some executives in both the public and private sector are struggling to figure out just how to manage cyber defense programs and initiatives within their organizations. It is well understood without proper management these programs will not meet management’s expectations and fail to achieve their desired results.
Failure in this critical area would likely result in programs being cancelled and budgets reduced, and that is the last thing the public and private sectors need in the heightened state of cyber attacks currently and expected in the foreseeable future.
Organizations are accustom to using strategic program management methodologies to reduce risks associated with critical initiatives. There should be little doubt that any organization will find value in taking a programmatic approach to cyber defense.
Kevin G. Coleman is a long-time security technology executive and former Chief Strategist at Netscape. He is Senior Fellow with the Technolytics Institute where he provides consulting services on strategic technology and security issues. He writes a weekly blog for Breaking Gov on the topic of cyber intelligence.