ORLANDO, Fla. – June 2, 2008 – Increased collaboration and information sharing between the public and private sectors is needed to improve cybersecurity, according to a new study released today by Symantec Corp. (Nasdaq: SYMC).
The 2008 Critical Connections study examines each sector’s information security priorities, as well as awareness of and attitudes toward the new National Cyber Security Initiative, a proposed federal initiative that would allocate more than $30 billion over the next seven to 10 years to improve cybersecurity. Attendees at the Symantec Government Symposium on July 31 in Washington, D.C. will continue discussion on these critical topics.
The survey found that 68 percent of federal, 59 percent of private sector, and 48 percent of state and local respondents call for increased collaboration to improve cybersecurity. In addition, 78 percent of private sector respondents say they want more information from the government on cyber threats.
The study, which was conducted by O’Keeffe & Company and sponsored by Symantec and Dell, surveyed 600 IT executives: 200 federal, 200 state and local, and 200 private sector. Symantec announced the study results at the Fourth Annual Government Forum of Incident Response and Security Teams (GFIRST) National Conference in Orlando, Fla.
Across all sectors, respondents share common challenges
- 63 percent of federal, state and local government, and private sector IT executives believe they are under increased threat compared to last year and 82 percent are placing a higher priority on information security
- 78 percent of federal, 74 percent of private sector, and 60 percent of state and local respondents stated data breaches were their primary security concern
- Organizations in all sectors say they have achieved the greatest progress in the areas of database security, threat monitoring and management, and security training
- More than half of federal and private sector respondents and one-third of state and local respondents named mobile security as a critical concern, but only 29 percent of all respondents plan to increase spending
At the same time, significant disconnects exist, but federal respondents consistently rated higher on key IT security measures
- While the federal government is leading the charge in preparedness exercises and automating security reporting, state and local agencies and the private sector are not as diligent
- 63 percent of federal respondents report their organization has participated in cybersecurity preparedness exercises compared to 39 percent of private sector and 32 percent of state and local respondents
- 64 percent of federal respondents have automated threat reporting compared to 44 percent of private sector and 38 percent of state and local respondents
The study found that IT executives support the National Cyber Security Initiative but want to learn more about it. While the vast majority of all groups believe the National Cyber Security Initiative will have a positive impact on security, the survey results indicate that more education and communication is needed.
“The 2008 Critical Connections study highlights that federal, state and local, and private sector organizations recognize they must work together to establish the critical connections necessary to improve security in a shared threat environment,” said Dennis Heretick, former chief information security officer for the Department of Justice and chair of the Symantec Government Symposium Advisory Board. “The federal government has a number of gifted leaders that understand the evolution of threats and deserve strong commendation for taking a dynamic approach to risk management. As such, the federal government owns a significant opportunity to share best practices with private industry and state and local government to improve information security.”
“Both public and private sector organizations are dealing with a new threat landscape that extends beyond the perimeter to encompass every endpoint that connects to a network,” said John McCumber, strategic programs manager for Symantec. “As the study illustrates, today’s security challenges—from preventing data breaches and ensuring the privacy of confidential data to protecting critical infrastructure—are not limited to a single sector. By taking an information-centric approach to security, organizations can be confident in that their most critical data is protected, wherever it resides.”
To download the full Critical Connections study, visit the Symantec Government Symposium Web Site: www.symantec.com/symposium.
To download the Critical Connections podcast, visit: http://www.symantec.com/about/news/podcasts/detail.jsp?podid=b-critical_connections.
About Symantec Government Symposium
The 2008 Symantec Government Symposium is a free, one-day event that will bring together more than 500 government IT, security and business professionals to discuss all aspects of information protection and security, including storage management, virtualization, backup and recovery. The event will be held on July 31, 2008 at the Ronald Reagan Building in Washington, D.C. For more information and to register, please visit: www.symantec.com/symposium.
Symantec is a global leader in providing security, storage and systems management solutions to help businesses and consumers secure and manage their information. Headquartered in Cupertino, Calif., Symantec has operations in more than 40 countries. More information is available at www.symantec.com.
NOTE TO EDITORS: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
*Correction - June 3, 2008 - change the word/phrase from "data breeches" to "data breaches".