Government Cybersecurity Priorities Revealed

Lloyd McCoyWritten by | Security

The release last month of both the Department of Defense Cyber Strategy and National Cyber Strategy is a clear indication of the U.S. government’s serious intent to stay ahead of cyber offenders. Cyber budgets have been in the $13 to $15 billion range for the last few years and are expected to continue supporting the demand. So, what does that mean for those vendors selling security solutions to government?

The strategy documents incorporate much of what we’ve heard from the administration over the past year and there are some important priorities you should be aware of as we head into FY19: robust information sharing, greater resilience, encryption, cyber scalability and hardening of IT systems, to name just a few.

Offensive Cyber
One of the most notable developments is a more overt embrace of offensive cyber operations. The DOD Cyber Strategy especially, hones in on this “defending forward” strategy, where the U.S. will confront threats before they reach U.S. networks.

By giving the government more latitude to conduct proactive and offensive cybersecurity, we could see more funding and resources allocated to these operations as early as next year. Expect more demand for network mapping and reconnaissance, data extraction, firewall tunneling and encryption/decryption tools, just to name a few. I expect most of the funding and demand for offensive cyber tools will be generally confined to U.S. Cyber Command and the intelligence agencies.

Given the advanced cyber threats that are out there, particularly from nation states like China, Russia and North Korea, the cyber realm is seen as a natural extension of national power and deterrence. Those selling to the Department of Defense should take note that the military services will increasingly use cyber to amplify lethality of military operations. Those selling IT tools (not just security) should think about how your solutions help toward that aim.

Homeland Security
The National Cyber Strategy spoke at length about protecting our critical infrastructure. It goes so far as to identify key industries where risk management efforts will be focused: national security, energy and power, banking and finance, health and safety, communications, information technology and transportation. This emphasis continues from previous administrations and demonstrates the government’s commitment to identifying and promoting IT investments necessary to protect our critical infrastructure.

The National Cyber Strategy also reaffirmed the role of the Department of Homeland Security as the central orchestrator for the defense of civilian agency networks. The Strategy directed the civilian agencies to continue transitioning their IT to shared services and for DHS to oversee protection of that shared infrastructure. Each of the civilian agencies will always have a pot of money set aside for security, but we’ll see more and more decisions and budget authority coming out of DHS.

Emerging Technology
Both strategies underscored the importance of next-gen technologies to help address the cyber threats that are out there. Quantum technology was mentioned several times as well as artificial intelligence and next generation infrastructures. If you have solutions and ideas on how to apply emerging technologies to improve our security, most notably in machine learning, hybrid cloud security, blockchain security, encryption and hardware authentication, then you’ll find a receptive audience across government.

Fortunately for IT security vendors and partners, last week’s directives show how the government is all in when it comes to security. There’s a sense of urgency permeating both the National and DOD Cyber Strategy — given the known threats, but also the unknowns. This fall is a critical time for getting in front of program managers and decision makers because October through December is when they begin to shape budget priorities for next year.

Show how you can help the government better share threat intelligence, protect its networks, bring the fight to the adversary and take advantage of tomorrow’s technology.

Interested in learning more about cybersecurity trends in government? Register for the 5th Annual Government IT Sales Summit on November 15, 2018 in Reston, Virginia.

This story originally appeared on immixGroup’s Government Sales Insider Blog.

By Lloyd McCoy
Market Intelligence Manager
immixGroup, An Arrow Company

Last modified: May 2, 2019