Informing government decision makers through research & industry insights.

Survey Shows Agencies Not Ready for the Internet of Things

Within the next few years, billions of physical devices and systems will be connected to the Internet and capable of automatically processing and exchanging information. This emerging “Internet of Things” promises to help federal agencies generate efficiencies and more effectively achieve their missions, but it also raises significant cybersecurity concerns. Target’s massive data breach in late 2013, in which hackers exploited HVAC systems of a third-party vendor connected to Target’s enterprise network to steal data on millions of credit and debit cards, demonstrates just how vulnerable organizations can be. An agency's cybersecurity will no longer revolve solely around computers connected to enterprise networks, but will instead need to incorporate the myriad devices and systems increasingly capable of tapping into agency networks. In other words, agencies’ surface area vulnerable to cyberattacks will greatly expand.

As part of a survey of 424 senior federal employees familiar with cybersecurity, Government Business Council and Dell Software asked respondents how their agencies are coping with an increasingly internet-connected world. Overall, respondents indicate that their agencies are behind the curve for the Internet of Things and its implications for cybersecurity.

 


 

Despite the increased attention security vulnerabilities of the Internet of Things have received, federal executives are fairly confident in their agencies’ ability to secure its networked physical devices. This confidence, however, could simply reflect a lack of understanding of the vulnerabilities opened up by the Internet of Things.


 


 

As it turns out, agencies appear to be slow to leverage the Internet of Things. Less than one third of respondents (30%) say that their agencies are already leveraging or quickly moving to leverage the Internet of Things.


 


 

Agencies are also not yet prioritizing the Internet of Things as a cybersecurity issue. Less than half of federal executives say that their agencies are adapting their cybersecurity strategies to accommodate the Internet of Things, and just one quarter say it is a priority.

Together, these results suggest that agencies are in the early stages of accommodating the Internet of Things and have yet to fully internalize its security implications. So what can agencies do to prepare? In an interview with CIO.com, Jerry Irvine, CIO of Prescient Solutions and a member of the National Cybersecurity Partnership suggests two major steps. First, establish policies to ensure that remotely-controlled devices and systems are not connected to enterprise networks. Second, educate and train personnel on the vulnerabilities of the internet of things.

Click here to read the full Government Business Council and Dell Software study, Achieving Holistic Federal Cybersecurity.

Disclaimer

This post is written by Government Business Council; it is not written by and does not necessarily reflect the views of Government Executive Media Group's editorial staff. For more information, see our advertising guidelines.

FROM OUR SPONSORS

Thank you for subscribing to newsletters from GovExec.com.
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

    Download
  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download
  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.

    Download

When you download a report, your information may be shared with the underwriters of that document.