As federal and state agencies are forced to do more with less, concerns continue to mount, Illena Armstrong learned during an SC Magazine roundtable.
To find a generally accurate barometer to gauge the typical pace of government, just turn to personal experience.As an example, recall a recent jaunt to the Department of Motor Vehicles to renew a driver's license or, perhaps more fitting given still bleak economic forecasts, a visit to the state Unemployment Insurance Agency to verify eligibility for extended benefits. The lines to talk to an agent undoubtedly were long, the conversation with the government representative likely patience-trying, the follow-up paperwork tedious, and the desired end result long in coming.
Similar types of impediments experienced by the average Joe or Jane when attempting to check a government-related item off their to-do lists are often felt by the lead executive responsible for the security of a particular agency or department. As the economy lurches for a comeback, even the most stalwart pro can grow weary of wrangling for needed funds and resources.
“It's a mixed bag,” says Bob Maley, founder and principal at consultancy Strategic CISO and former CISO of the state of Pennsylvania. Across government, various agencies and states have some high-caliber people who are doing a lot with a little, he says. “The sad fact is that's the exception rather than the rule.”
As well, when it comes to adopting new technologies and processes, let alone those that may help avert some yet-to-occur data security happening in the future, government frequently is late with support.“Government may be the slower ones to embrace new technologies,” Maley says.
Part of the reason for this is the time it takes to get projects finished, he adds. Approval processes to acquire funding, to choose vendors and more are extremely time-consuming.
“That time cycle is far more extensive than in the private sector,” he says. “I've got to believe it's the state of bureaucracy that slows things.”