The Vormetric report noted that, in general, U.S. federal agencies are doing many of the right things. They just need to do more.
Network defenses tops the list of technologies the U.S. government plans to increase its spending on in the next 12 months, following by analysis and correlation tools, according to security vendor Vormetric’s 2016 Federal Data Threat Report.
According to the report, 53 percent of government agencies plan to spend the most on network defenses, while 46 percent have their money earmarked for analysis and correlation tools.
The report, which was done in conjunction with 451 Research, asked more than 1,100 senior IT security executives their perceptions of threats to data, rates of data breach failures, data security stances and IT security spending plans. It found 60 percent of respondents believe network defenses are very effective—more than any other vertical and well above the U.S. average of 53 percent.
Data-at-rest defenses, however, fared lower within the U.S. Federal vertical: Only 68 percent of respondents believe they are very or extremely effective—the lowest of any vertical and below the U.S. average of 75 percent.
Similarly, data-at-rest defenses were ranked dead last in terms of spending plans, with just 37 percent planning to increase their spending on data-at-rest defenses, compared to the U.S. average of 45 percent.
Responses from the U.S. Federal vertical contained a mix of good and not-so-good news.
On the positive side, 58 percent of respondents replied “somewhat” or “much higher” when asked about their overall spending intentions with respect to protecting sensitive data.
The bad news is that this was the lowest of all verticals, and well behind financial services’ 69 percent.
Worse yet, 61 percent of U.S. federal respondents indicated they had experienced a breach at some point in the past, higher than the U.S. average of 57 percent and trailing only health care (63 percent).
In addition, U.S. federal respondents are also the least likely to increase their spending as a result of data breaches.
There also were some encouraging takeaways; for example, 37 percent of U.S. federal respondents plan to invest in data-at-rest defenses this year.
Following best practices also appears to be gaining momentum: While compliance remains the primary motivator for securing sensitive data, nearly half (48 percent) are looking to implement data security to follow industry best practices.
As the report mentions, compliance is still the leading reason for securing sensitive data in the U.S. federal vertical (55 percent) and the top reason for data security spending (57 percent)—higher than the global average of 46 percent but in line with the percentage (54 percent) of the United States in general.
And there are increasing signs that respondents are looking to implement newer security tools such as cloud security gateways (40 percent), application encryption (34 percent), data masking (31 percent) and tokenization (27 percent).
The report noted that in summary, U.S. federal agencies are doing many of the right things. They just need to do more.
Budgetary constraints received the highest ranking as a data security adoption barrier in the federal government sector (43 percent), well ahead of more wealthy verticals such as financial services (26 percent).