A new report from MeriTalk, a public-private partnership focused on improving government IT outcomes, concluded that federal agencies can save upwards of $5 billion on a yearly basis, as well as making improvements to threat monitoring, automation of protections, and correlation.data
The study was underwritten by Palo Alto Networks, a security vendor. It shows that federal agencies can save up to 27% of their data security budget and improve the way that they tackle threats, which should allow for a faster response time.
As a part of the study, 150 federal employees were surveyed online. The study was conducted in September 2016.
The study found that only 61% of federal entities have systems in place that automatically distribute information about malicious behaviour. The average number of external threat feeds taken in by agencies on a daily basis is 25. Alarmingly, most of those agencies are unable to act upon the information for hours, sometimes even days.
Additionally, only 15% of federal agencies can reprogram endpoint sensors to establish additional protection within minutes, and only 17% of them can distribute the new protection within the same time frame.
Steve O’Keeffe, founder of MeriTalk, commented that agencies tend to approach security in a manual way. He believes that human expertise is not enough to detect new attacks, and that feds need to invest in technology as well. He emphasised the need for both technical skills and technology in order to quickly and effectively determine which attacks were global in nature versus those that were one-time occurrences and responding appropriately.