Home Rise in IoT pushes government agencies to rethink security

Rise in IoT pushes government agencies to rethink security

It used to be protecting your network meant keeping track of the desktop and laptop computers that access it. Then, smartphones came onto the scene, and now wearables and other IoT devices as well as the cloud computing are making it harder than ever to keep up.

IoT and the cloud have both become hot-button issues in the world of information technology as good security practices are no longer just a matter of securing a single system, but every third-party system that it has connected to it, as well.

“Government institutions are seeing digital transformation at an unprecedented scale, but those changes come at the price of ever-evolving security risks,” said Maria Horton, CEO of EmeSec and former CIO of the National Naval Medical Center.

This challenge becomes increasingly critical with a rise in inter-connected systems between agencies, where users are given access to databases and networks outside of their base network. Contractors, each with their own set of system requirements and security procedures, are often given access to controlled yet unclassified information (CUI) that requires compliance with government and agency standards.

“Government leaders need to outline new processes for authorizing digital identities for individuals or devices across different platforms so partner agencies can better understand access in the context of each user and technology,” said Horton.

Agencies will need to set new rules and guidelines

Doing this will take a lot of work on the part of the government to establish a new set of rules that incorporate this new generation of connected devices and cloud services. One way it is doing this is through the Einstein program and the Department of Homeland Security’s Trusted Internet Connections Reference Architecture, but even this stringent set of guidelines fails to prevent possible third-party attacks which are more indirect, yet equally as damaging.

The answer to this growing problem may well be in how risks are prioritized and addressed.

“Agencies can’t take an all or nothing mentality. Compliance isn’t security, and security isn’t compliance. Rather than claiming one or the other, government cybersecurity leaders should use the NIST and FISMA guidelines, and then align specific security controls based on risks,” Horton said. “Many governance, risk and compliance tools focus on mitigating reported risks instead of tackling them in real time. In-the-trench risks will be what IT leaders see exclusively from now on.”

Comprehensive coordination between agencies and contractors is key to building a plan that takes these new technologies into account, protecting CUI and safeguarding networks from unwanted intrusion.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.