News Room

About

• Company
• Careers
• News Room
  • Media Releases
    • 2009 Releases
    • 2008 Releases
    • 2007 Releases
    • 2006 Releases
  • News Coverage
  • Online Media Kit
  • Media Inquiry
  • Meet the Analysts
• Member Services
• Contact

Media Releases

«Back   

February 21, 2007

INPUT: Federal Agencies Will Spend $690 Million by FY 2012 on IT Security Education

Agency Security Awareness Training Currently Falls Short

Reston, VA – February 20, 2007 – INPUT expects the Department of Defense and Civilian Agencies to spend $690 million on IT security education and awareness programs over the next five years, according to a recent report released by INPUT, the authority on government business. The report says that federal agencies recognize that a sound IT security program begins with a security-aware workforce that is educated in identifying cyber attacks.

“Both defense and civilian agency employees are the target of increasingly sophisticated attacks designed to mislead even expert computer users,” said Prabhat Agarwal, manager of Information Security at INPUT. “This has resulted in an increased risk of data theft, which is further compounded by the lack of security awareness and education in the federal workforce. All of this could lead to greater congressional scrutiny and agencies will be in the hot seat to improve information security education and awareness programs. The fact that OMB has also selected security awareness training as one of the first security lines of businesses drives home this point,” said Agarwal.

According to the report, the Federal Information Security Management Act (FISMA) currently mandates that federal agencies provide security awareness and training to employees on an annual basis. However, this level of frequency is not adequate to create security awareness in the minds of the workforce. A successful education program must be conducted regularly and include frequent and random testing – at a minimum of every few months, the report suggests. “The effectiveness of FISMA-compliant security awareness programs will be measured by the new Congress in direct proportion to the number of security breaches occurring across the federal government,” said Agarwal.

The report also says that federal agencies are beginning to establish department-wide policies on security training. For example, the Department of Defense recently mandated all employees to complete “phishing” training by January 17, 2007, as a first line of defense against sophisticated hackers who use customized and personalized spear phishing attacks. Similar department-wide training and educational mandates are expected to be established across other branches of the federal government.

This INPUT/Output® report is available to INPUT Network™ members. For more information on becoming a member, call 1-888-99-INPUT or submit an online information request at http://www.input.com/corp/forms/form.cfm?promoid=1282.

About INPUT
INPUT is the authority on government business. Established in 1974, INPUT helps companies develop federal, state, and local government business and helps public sector organizations achieve their objectives. Over 1,300 members, including small specialized companies, new entrants to the public sector, and the largest government contractors and agencies, rely on INPUT for the latest and most comprehensive procurement and market information, consulting, powerful sales management tools, and educational & networking events. For more information about INPUT, visit www.input.com or call 703-707-3500.

Proper use of name is INPUT
*****

* Some links on this page may require a login and password to view. For more information complete an online information request or call 1-888-99-INPUT.