Professional Documents
Culture Documents
Federal Network Security Report
Federal Network Security Report
Network
Security
Survey
Report
April
20,
2015
EXECUTIVE SUMMARY
EXECUTIVE SUMMARY
The
ability
to
protect
data
on
the
network
diminishes
the
further
the
data
travels.
Budget
constraints,
limited
resources,
complexity
and
impact
on
the
network
performance
are
top
challenges
for
agencies
when
protecXng
the
data
on
the
network.
In
most
cases,
agencies
are
are
focused
on
SSL
encrypXon
to
secure
web-based
applicaXons.
Yet
there
are
many
other
applicaXons
that
need
to
be
encrypted
in
transit.
What
encrypXon
is
used
in
those
cases?
EXECUTIVE SUMMARY
Cybersecurity
PrioriCes
Agencies
cybersecurity
prioriXes
for
2015
include
a
widespread
focus
on
prevenXon
(72%),
although
idenXcaXon
(47%)
and
remediaXon
(48%)
are
also
high
prioriXes.
High
priority
in
2015
0%
47%
48%
48%
46%
4%
5%
6%
PrevenXon
IdenXcaXon
RemediaXon
25%
72%
50%
75%
24%
100%
N=200
What
are
your
agencys
cybersecurity
priori1es
for
2015
with
regard
to
preven1on,
iden1ca1on,
and
remedia1on?
FEDERAL
NETWORK
SECURITY
SURVEY
REPORT
|
MARKET
CONNECTIONS,
INC.
|
703.378.2025
Cybersecurity
Budget
In
most
instances,
agencies
cybersecurity
budgets
are
esXmated
to
remain
unchanged
from
the
previous
scal
year.
In
line
with
its
relaXvely
higher
priority,
24%
of
respondents
anXcipate
budgets
for
prevenXon
to
rise
in
FY
2015.
Increase
in
FY
2015
0%
Decrease in FY 2015
16%
14%
76%
80%
6%
8%
6%
PrevenXon
IdenXcaXon
RemediaXon
24%
25%
50%
71%
75%
100%
N=200
To
the
best
of
your
knowledge,
in
each
of
the
following
areas
did
your
agencys
cyber
security
budget
increase,
decrease,
or
stay
about
the
same
as
the
previous
scal
year?
FEDERAL
NETWORK
SECURITY
SURVEY
REPORT
|
MARKET
CONNECTIONS,
INC.
|
703.378.2025
Network-level
4%
security
22%
Agency-level
cyber
5%
security
0%
20%
5-Fully protected
48%
24%
10%
26%
48%
30%
40%
50%
23%
60%
70%
80%
90%
100%
N=200
In
your
opinion,
how
would
you
best
rate
your
agencys
overall
cyber
security
protec1on,
and
your
agencys
level
of
network
security?
FEDERAL
NETWORK
SECURITY
SURVEY
REPORT
|
MARKET
CONNECTIONS,
INC.
|
703.378.2025
PROTECTION PROTOCOLS
Agency
StandardizaCon
Historically,
agencies
have
used
rewalls,
encrypXon
appliances
and
routers
with
encrypXon
modules.
Some
of
these
tools
can
impact
performance
and
do
not
suciently
protect
data
on
the
network.
Agency
StandardizaCon
Firewalls
85%
67%
EncrypXon
appliance
Router
with
encrypXon
module
Other
N=151
0%
58%
1%
25%
50%
75%
100%
Budget constraints
75%
56%
48%
Complex to implement/maintain
46%
36%
Lack
of
bandwidth/capacity
Other
N=200
0%
32%
8%
10%
20%
30%
40%
What
are
the
top
challenges
you
face
with
regard
to
protec1ng
your
data
on
the
network?
(select
top
3)
50%
60%
70%
FedCiv
Defense
52%
68%
80%
10
16%
40Gbps
20%
10Gbps
31%
1Gbps
16%
100Mbps
12%
Other
N=200
4%
0%
5%
10%
15%
20%
25%
30%
35%
What
is
your
agencys
typical
network
connec1on
speed
between
data
centers
or
remote
oces?
FEDERAL
NETWORK
SECURITY
SURVEY
REPORT
|
MARKET
CONNECTIONS,
INC.
|
703.378.2025
11
0%
25%
58%
49%
33%
50%
75%
100%
N=198
36%
45%
61%
6%
6%
7%
Agency to agency
How
would
you
rate
your
agencys
ability
to
protect
the
following
aspects
of
data
in
transit/
over
the
network?
FEDERAL
NETWORK
SECURITY
SURVEY
REPORT
|
MARKET
CONNECTIONS,
INC.
|
703.378.2025
PROTECTION PROTOCOLS
12
Very important
64%
31%
Somewhat important
95%
IMPORTANT
4%
Somewhat/
0%
very
unimportant
0%
N=200
10%
20%
30%
40%
50%
60%
70%
How
important
is
encryp1on
of
data
on
the
network,
rela1ve
to
the
overall
security
of
your
agencys
data?
FEDERAL
NETWORK
SECURITY
SURVEY
REPORT
|
MARKET
CONNECTIONS,
INC.
|
703.378.2025
PROTECTION PROTOCOLS
13
ProtecCng
Data
Although
agencies
may
think
they
are
protecXng
their
data
at
sucient
levels,
a
majority
are
focused
on
SSL
encrypXon
to
secure
web-based
applicaXons.
This
does
not
address
other
inight
trac
types
that
require
a
minimum
of
128
bit
soluXons
for
Secret
and
256
bit
encrypXon
soluXons
for
Top
Secret
inight
data
sets.
Protocols
to
Protect
Data
User
credenXals
(for
applicaXon
security
only)
80%
EncrypXon
N=198
76%
62%
9%
20%
128 bit
Level of EncrypCon
49%
32%
256
bit
5%
Unsure
N=151
0%
9%
20%
40%
60%
80%
PROTECTION PROTOCOLS
14
Budget constraints
45%
39%
32%
29%
Complex to implement/maintain
29%
Lack of bandwidth/capacity
18%
Other
N=38
3%
0%
10%
20%
30%
40%
50%
For
what
reason(s)
are
you
not
encryp1ng
the
data
on
your
network?
(select
all
that
apply)
FEDERAL
NETWORK
SECURITY
SURVEY
REPORT
|
MARKET
CONNECTIONS,
INC.
|
703.378.2025
PROTECTION PROTOCOLS
15
Importance
of
Suite
B
Eighty-seven
percent
of
respondents
believe
it
is
important
to
base
their
network
protecXon
strategy
on
the
Suite
B
encrypXon
algorithm.
Strategy
Based
on
Suite
B
Importance
56%
Very
important
Somewhat
important
31%
Neither
important
nor
unimportant
Somewhat/
very
unimportant
N=
151
0%
11%
2%
20%
40%
60%
Suite B is a set of
cryptographic
algorithms
promulgated
by
the
NaXonal
Security
Agency
as
part
of
its
Cryptographic
ModernizaXon
Program.
It
is
to
serve
as
an
interoperable
cryptographic
base
for
both
unclassied
informaXon
and
most
classied
informaXon.
RECOMMENDATIONS
16
RecommendaCons
Despite
the
priority
agencies
place
on
security
and
prevenCon,
the
study
results
show
there
is
no
place
within
the
enterprise
where
data
is
fully
protected
to
prevent
cyber-aaacks.
It
is
criCcal
to
ensure
your
encrypCon
strategy
expands
as
your
enterprise
grows
to
accommodate
addiConal
users
and
networking
services.
Checklist
for
selecCng
a
data
protecCon
soluCon
for
your
network
! Simple
to
implement
and
maintain
! Does
not
impact
your
network
or
increase
network
costs
due
to
complexity
and
management
overhead
! Protects
the
dierent
types
of
data
on
your
network
and
is
Suite
B
compliant
if
you
have
Secret
and
Top
Secret
data
! Can
handle
your
data
connecXon
speed
today
as
well
as
into
the
future
17
Air Force
Army
Congress
Department
of
TransportaXon
(DOT)
Department
of
Agriculture
(USDA)
Department
of
Treasury
(TREAS)
Federal
AviaXon
AdministraXon
(FAA)
Judicial/Courts
Department
of
Homeland
Security
(DHS)
Navy
RESPONDENT CLASSIFICATIONS
18
Job
Role
A
wide
variety
of
agency
roles
are
represented,
the
most
common
of
which
are
Chief
InformaXon
Ocer,
Network
Manager,
Data
Center
Manager/Director
and
Security
Administrator.
Chief
InformaXon
Ocer
13%
Network Manager
12%
9%
Security Administrator
8%
Network Administrator
6%
Network Architect
4%
3%
Security Architect
2%
Other
N=200
What
is
your
role
at
your
agency?
ExecuCve
Director
Project
Manager
Program
Manager
IT
Director
42%
0%
5%
10%
15%
20%
25%
30%
35%
40%
45%
RESPONDENT CLASSIFICATIONS
19
46%
45%
32%
18%
8%
0%
10%
20%
30%
40%
50%
How
are
you
involved
in
decisions
or
recommenda1ons
regarding
your
agencys
network
data
protec1on?
(select
all
that
apply)
FEDERAL
NETWORK
SECURITY
SURVEY
REPORT
|
MARKET
CONNECTIONS,
INC.
|
703.378.2025
Contact
InformaCon
Dave
Glantz,
Director
of
Research
Services
DaveG@marketconnecXonsinc.com
|
703.378.2025,
ext.
104
Monica
Mayk,
MarkeCng
Director
MonicaM@marketconnecXonsinc.com
|
703.378.2025,
ext.
107
Susan
Rose,
Thought
Leadership
Content
Lead
SusanR@marketconnecXonsinc.com
|
703-944-7685
20