Governance & Risk Management
,
Risk Assessments
Tying New Tech, Trends to Specific Risks
Federal Information Technology Professionals Analyze Vulnerabilities from Collaboration, Mobility, Web 2.0 Applications and Cyber Terrorism
Eric Chabrow (GovInfoSecurity) •
November 19, 2009
The fact that new technologies and trends present new threats to government information systems isn't new, but research released Thursday from the Ponemon Institute, a think thank that studies privacy and data protection, links particular technologies or trends to specific vulnerabilities.
Among the key findings of the survey of the 217 senior federal IT professionals:
79 percent of respondents see the rise in the use of collaboration tools as significantly increasing the storage of unstructured data sources that contain confidential or sensitive information that is not adequately protected or secured.
71 percent believe that cyber terrorism is on the rise and this trend poses a very serious threat to the protection of proprietary systems as well as our nation's critical infrastructure.
63 percent see the mobility of the government workforce as contributing significantly to endpoint security risks as a result of a plethora of insecure mobile data-bearing devices that are susceptible to malware infections and botnet attacks.
52 percent say that Web 2.0 applications such as social networking, social messaging, blogging and wikis contribute to the leakage of confidential or sensitive information as well as susceptibility to malware and botnet attacks.
"It all adds up to an acknowledgement on the part of those individuals tasked with managing and protecting citizen data that there's a great deal of risk involved in the digitization of federal processes," Larry Ponemon, the institute's chairman and founder, wrote in his blog. "That doesn't mean that we shouldn't continue to make progress in dragging constituent services into the 21st century, but what it does mean is that these eGov initiatives must be undertaken with proper consideration given to the security of sensitive personal information."
More than half of those surveyed held positions at or above the director level. The average overall experience level of the respondents was nearly 17 years. The survey was funded by a grant from CA.