From: Washington Post
By Deniece Peterson
Between 2011 and 2016, federal spending on information technology is expected to slow dramatically. One exception? Cybersecurity spending.
Agencies have little choice but to beef up budgets. The number of federal cybersecurity incidents reported to the Department of Homeland Security’s U.S. Computer Emergency Readiness Team has jumped 659 percent since 2006.
The rise in incidents has caught the attention of policymakers, who have added new security requirements in legislation such as the Homeland Security Cyber and Physical Infrastructure Protection Act. Those requirements have worked their way into agency solicitations and into the federal effort to consolidate data centers, which the Office of Management and Budget has said should “increase the overall IT security posture of the government.”
As a result, Deltek predicts annual growth of nearly nine percent — or $14 billion — in IT security spending between 2011 and 2016, a marked increase from the 2 percent growth expected in the overall federal IT market.
Contractors that have invested in continuous monitoring should have a leg up. Agencies realize the old spot-checking paradigm can only tell them when they already have a major problem; they’ll be looking, instead, to develop systems and processes that can catch a security issue before it’s too late.
Continuous monitoring is now a statutory requirement, mandated by Federal Information Security Management Act requirements that call for agencies to report attacks through data feeds culled directly from security management tools.
Contractors that can help stretch an undersized cybersecurity workforce should also have an advantage. For all that systems and automation approaches can do, cybersecurity still requires humans, and agencies are struggling to find qualified personnel.
A recent Center for Strategic and International Studies report revealed the extent of the problem.
“There are about 1,000 security people in the U.S. who have the specialized security skills to operate effectively in cyberspace,” the report said. “We need 10,000 to 30,000.”
Companies that can rapidly and effectively train IT security personnel should find themselves well-positioned to grow.
Leave a Reply