I recently participated in a panel while attending the Bloomberg RE/BOOT event in Washington, D.C. The focus of the panel was how to improve partnerships between government and industry. We started by discussing how industry can better partner with government agencies to strengthen cybersecurity in the United States. At Splunk, we solve problems by viewing the overall security solution from an ecosystem lens. Splunk technologies are just one part of that ecosystem. To address challenges in a government environment, we see our operational intelligence platform as the foundation that serves as the nerve center of the security operations ecosystem. No single solution or technology can solve every government problem, but together, industry technology leaders can partner with agencies to tackle the various challenges all organizations face – whether it’s improving IT operations or enhancing security.
During the panel discussion, I noted that the key to improving innovation within agencies is through understanding the agency’s mission/business objective. Then mapping those objectives to an achievable maturity path. Security operations is a journey, not a set it and forget it installation. Government is often constrained by resources from both a human and technology perspective, so studying and investing the time to better comprehend how agencies operate enables us to tackle problems piece by piece and identify the internal champions who are ready to embrace innovation and take a longer term approach to security.
In recent years, government has made great strides in reaching out to industry and Silicon Valley to collaborate on solving the most pressing challenges to date. This outreach is just the beginning however, as government will see major benefits if it adjusts procurement processes to allow smaller companies in industry to become involved as well. Most tech startups do not have the resources or funds to invest in the federal procurement and acquisition process. Simplifying these policies will allow tech companies across the private sector to collaborate with one another to address government challenges efficiently and effectively. By pooling resources and determining exactly what needs to be addressed, tech companies can use these partnerships to further complement their existing capabilities. Likewise, well resourced organizations must spend time to understand the problems that government agencies face. Solving a specific problem develops trust and lays the foundation of broader relationships.
When looking at government’s biggest cybersecurity challenges, it is clear that the entire government sector is not a monolith. There is a diversity of security maturity across agencies. Some agencies are at the cutting edge while others are starting their journey to fundamentals like patch management and vulnerability identification. The attackers too are constantly evolving. As a result, agencies today need solutions that are flexible and agile to keep pace with the rapidly evolving threat landscape. Government’s cybersecurity strategy need to be more than just a checklist of new technologies. As industry partners, we need to share our vision of the future with government. Collectively, as an industry, we can anticipate the challenges. And collectively we can outline a strategic technological approach to be successful.
Chief Security Evangelist