Last week, MeriTalk, a public-private partnership focused on improving the outcomes of government IT, released a survey in collaboration with Splunk to explore how big data analytics play a key role in preventing cyber threats on government networks. With high-profile breaches garnering more public attention, we decided to do a deeper dive on how government cybersecurity professionals are currently monitoring threats on their network and areas in which they can improve. We surveyed 302 Federal, State and Local IT leaders to reveal current cybersecurity strategies and next steps organizations can take to improve security. The outcome? Government agencies understand there is value in using big data to support security, but very few agencies are taking full advantage of this information.
The study finds that government cybersecurity professionals estimate that cyber threats exist on their networks for an average of 16 days before they are detected – 16 DAYS. However, we think this is an optimistic estimate for public sector, especially given that other reports suggest attackers can be present for several hundred days before detection. The good news is 86% of these cyber pros understand that big data analytics will improve their agency’s cybersecurity efforts. Unfortunately, this knowledge has not translated to action yet. Just 28% of IT leaders said their organization is fully leveraging big data for security purposes today. This tells us there is a tremendous opportunity for agencies to expand and enhance security through data analysis. Additional findings from the survey include:
➢ 68% of cyber professionals say their organization is overwhelmed by the volume of security data and 76 percent believe their security team is often reactive instead of proactive.
➢ One in three cyber professionals say they are prioritizing big data analytics for cybersecurity.
➢ While 70% of cyber professionals say their organization can monitor streams of cybersecurity data in real-time, fewer can analyze that data.
➢ By leveraging big data analytics, 61% of IT managers say they could better detect a breach that is currently happening.
As a consensus, government cyber professionals believe they need management support, funding and training to make the shift from reactive to proactive in their cybersecurity strategy. It’s important to note that there is progress– 92% of respondents said they are working to improve cybersecurity by investing and upgrading existing security technologies, deploying network analysis and visibility solutions and investing in training.
Area Vice President, US Federal