HERNDON, VA - November 13, 2006 - Federal decision makers, especially those in the defense sector, are feeling more confident about their agencies' security capabilities than they did two years ago, according to a survey released today by networking leader Cisco®. These decision makers also report spending more time dealing with mandated security requirements than they did last year, with funding as the top barrier to improving capabilities.
This survey is a follow-up to the initial security inquiry conducted in November 2005 on behalf of Cisco. Both surveys were conducted by Market Connections, a federal information technology market research firm. The online research effort targeted federal IT decision makers from more than 45 civilian and military agencies involved in network security solutions. (http://www.cisco.com/web/strategy/docs/gov/Security_Survey_Nov15.pdf). Since the November 2005 survey, Cisco has issued survey results on Internet Protocol version 6 (IPv6, in June 2006) and enterprise architecture (September 2006).
Nearly half the respondents believe that software automation tools will address most of their agency's security issues in the future. A large majority feel that these automation tools will address network intrusion detection, firewalls and server security. Another significant change this year is that most respondents now consider linking budget to program performance a higher priority than indicated in the 2005 security survey.
"Agency staff tasked with security issues are spending more time dealing with mandated security requirements than they did a year ago," said Aaron J. Heffron, vice president for Market Connections. "Staffing levels and training have not yet caught up with the needs in many security areas. However, the survey revealed that many respondents hope that automation and technologies will help fill the gap."
"Security continues to demand more management attention, including linking security investments to the business objectives and strategies of an agency," said Bruce Klein, vice president of federal operations at Cisco. "Over this last year, we have been working intensively with customers and partners to deliver comprehensive information security solutions that integrate and embed coverage against a wide range of complex security threats, while easing efforts for management and compliance with the various mandates. Providing secure communications and collaboration solutions is increasingly critical in furthering greater productivity, information sharing between agencies and coalitions, and interaction between citizens and their public services."
Most respondents are aware of their agency's Federal Information Security Management Act compliance efforts. Nearly half those aware of and involved in compliance report spending at least a quarter of their time on FISMA compliance. Management and staff issues are top challenges, including management awareness, employee/management participation, a lack of personnel and training, and getting management agreement.
Additional findings:
- Network firewalls and server and workstation security are the most important security components to responders.
- The possibility of reduced operations and security delivery due to security breaches are the main areas causing respondents to lose sleep.
- Most respondents' agencies have a permanent chief information security officer.
- A large majority expect to complete their Homeland Security Presidential Directive-12 requirements on time.
- Achieving green status in every category of the President's Management Agenda, improving security grades on the GAO scorecard, and achieving FISMA compliance are top priorities.
- Cisco is cited as a leading provider of networking security by nearly half the respondents.
- Microsoft and Cisco are perceived as the main players in providing information security solutions.
"With management focusing on resources -- funding, staff skills and competencies, and infrastructure -- and on the benefits associated with security in individual agencies," said Gerald Charles, Jr., executive advisor, Cisco Internet Business Solutions Group, "we see this survey as a strong mandate for continued and expanded investment in proactive, easy-to-use, compliant tools; integration and embedding of security services across the enterprise; and investments in our ecosystem model of services, channel enablement, road maps and best-practice sharing in both governance and business case models."
About the Survey
In August 2006, Market Connections fielded a telephone survey of 200 federal IT decision makers involved in network security solutions. Respondents represented more than 45 agencies within the federal government and all branches of the military around the country and included agency chief information officers, program managers, IT directors and managers, and line of business managers. All respondents were screened to ensure that they had some level of responsibility in the decision making process for network security solutions within their branch, agency or department.
Located in Fairfax, Va., Market Connections is the federal IT market's premier provider of full-service custom market research services. Additional information is available at www.marketconnections.com.