Why visibility matters — FCW

0
105

Comment

Why visibility matters

eye behind data (Titima Ongkantong/Shutterstock.com) 

When making decisions with respect to cybersecurity technologies and program funding, the federal government doesn’t work like the private sector: In most cases, corporations view cybersecurity decisions as business decisions. They determine whether the purchase of, for example, a Security Incident Event Monitor will generate more or less value than other purchase proposals — like a new marketing analytics tool or an accounting app. Then, they’ll proceed based upon what they conclude. If the risk of not buying the item outweighs the projected benefits of the other items in consideration, they’ll acquire it.

In contrast, government agencies must adhere to legislation such as Clinger-Cohen and the Federal Information Security Management Act, as well as oversight regulations like the Continuous Diagnostics and Mitigation Program from the Department of Homeland Security. Federal leaders do not have the latitude to adopt “business case versus business case” decision-making models. In many cases cybersecurity is a budget line item or accountable program. Agencies are allocated a…

Read More…