Feds Skeptical About Security of Their Agencies’ Internet-Connected Devices

BeeBright/Shutterstock.com

Major challenges prevent government from adequately securing the smart devices it relies on, including inadequate funding and a procurement process unprepared for digital-age challenges.

Nearly 90 percent of federal managers believe securing internet of things devices, such as sensors and smart technology, is essential to their agency’s mission, but just over 40 percent are confident these devices are truly secure, a new survey found.

Major challenges prevent government from adequately securing the smart devices it relies on, the survey respondents said, including inadequate funding and a procurement process unprepared for digital-age challenges.

About 40 percent of respondents cited each of those challenges, with 30 percent citing a shortage of technical expertise in their agencies and 19 percent citing a lack of support by top leadership.

» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.

The survey was conducted by the Government Business Council and underwritten by the network provider Brocade. GBC and Nextgov are both part of Government Executive Media Group.

The survey included 442 randomly selected federal respondents, 69 percent of whom were at the GS-12 level or above and one-quarter of whom hold ranking positions inside the Defense Department.

Government agencies undergo regular congressionally mandated audits of their information security, but the government has lagged on requirements specific to the connected devices, such as cameras and connected vehicles beginning to pervade society and have become a boon to government work.

About three-fourths of the polled feds believe there should be governmentwide standards for internet of things security as there are for core digital infrastructure rather than allowing standards to vary agency by agency. About the same percentage believe those standards should be as stringent as requirements for computers and other core infrastructure.

Survey respondents cited strong passwords and encryption as top security measures protecting the internet-connected devices their agency currently relies on, but roughly one-fourth said they did not know how their agency is protecting IoT devices.

About half of respondents cited cyberattacks by terrorists as a top fear for connected devices that link to their agency’s network with nuisance hackers and distributed denial-of-service attacks following.