Making government IT security better

Making government IT security better

Summary: ZDNet's Government IT blog asks why Federal IT security was so crappy. The post was spurred by a piece by Zach Goldfarb in the Washington Post that answered that question and gave some suggestions on what to do about it.

SHARE:
TOPICS: Security
2

ZDNet's Government IT blog asks why Federal IT security was so crappy. The post was spurred by a piece by Zach Goldfarb in the Washington Post that answered that question and gave some suggestions on what to do about it.

At the state level, security isn't a whole lot better. Utah spent a lot of time on it leading up to the 2002 Olympics because we knew we'd be a target (and we were). But even in normal times, government IT sites see more than their fair share of attacks. At the same time, IT security is one of those things that most leaders outside IT don't want to hear about because it's a drain on what they want most: accomplishments worthy of mention in the news.

You could argue that a big security breach is news and not the kind politicians want, but the media types that cover politics don't seem to be savvy enough yet to tie those failures back to the non-IT leaders and public policy. Usually, the problem is reported as a technical problem with no ties to administration policies. Goldfarb's article is a sign that's changing.

A good part of the responsibility lies with agency (or state or municipality) CIOs who have to spend the time and money to get security right even if it's not what their boss is pushing them to do. Ultimately, it's the things that's in the best interest of the citizens that are being served.

Topic: Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

2 comments
Log in or register to join the discussion
  • Public v Private Sector Incentives

    I believe the answer is fairly simple - it's an issue throughout all government agencies. The objectives of the organization are not to cut costs or to make shareholders happy. And the objectives of the company are not to get on the promotion track and make it rich.

    Government employees are incented for longevity, not skill. And government agencies are incented for not emberassing the politicians, not to make a buck, be innovative, or get bought out.

    It's sad, but the lack of incentives results in the collection of long-term, less-skilled workers with no desire to improve the quality of the environment.

    Doug
    http://www.douglaskarr.com
    Douglas Karr
    • You're right...that's a pretty SIMPLE-minded answer

      You clearly don't know much about government IT.
      mgardner