Op-ed: The Human Side Of Cyber Threats

Audrey Taylor and Ben Knopf | Nextgov | May 29, 2013

The escalation of advanced persistent threats to federal systems has cybersecurity leaders rethinking their network protection and risk mitigation strategies. Nearly 50,000 incidents were reported by agencies in fiscal 2012, a 5 percent increase over the previous year.

The Obama administration’s response to these threats underscores the danger of cyberattacks. A February executive order, for instance, mandated the development of a framework to protect the nation’s critical infrastructure from such threats, and President Obama’s fiscal 2014 budget proposal calls for an $800 million increase in Defense Department spending on cybersecurity.

The increase in threat activity points to an uncomfortable reality: There is no such thing as absolute safety. Systems will continue to be breached, even as agencies comply with new requirements under the 2002 Federal Information Security Management Act. Information security leaders are expected to stay ahead of the curve by launching mature security controls, comprehensive incident response processes and better continuous monitoring technology. But for agencies, the biggest security vulnerability is their employees.