The survey found that 68 percent of federal, 59 percent of private sector, and 48 percent of state and local respondents call for increased collaboration to improve cyber security. In addition, 78 percent of private sector respondents say they want more information from the government on cyber threats.
The study, which was conducted by O'Keeffe & Company and sponsored by Symantec and Dell, surveyed 600 IT executives: 200 federal, 200 state and local, and 200 private sector. Symantec announced the study results at the Fourth Annual Government Forum of Incident Response and Security Teams (GFIRST) National Conference in Orlando, Fla.
Across all sectors, respondents share common challenges:
- 63 percent of federal, state and local government, and private sector IT executives believe they are under increased threat compared to last year and 82 percent are placing a higher priority on information security
- 78 percent of federal, 74 percent of private sector, and 60 percent of state and local respondents stated data breaches were their primary security concern
- Organizations in all sectors say they have achieved the greatest progress in the areas of database security, threat monitoring and management, and security training
- More than half of federal and private sector respondents and one-third of state and local respondents named mobile security as a critical concern, but only 29 percent of all respondents plan to increase spending
- While the federal government is leading the charge in preparedness exercises and automating security reporting, state and local agencies and the private sector are not as diligent
- 63 percent of federal respondents report their organization has participated in cyber security preparedness exercises compared to 39 percent of private sector and 32 percent of state and local respondents
- 64 percent of federal respondents have automated threat reporting compared to 44 percent of private sector and 38 percent of state and local respondents
"The 2008 Critical Connections study highlights that federal, state and local, and private sector organizations recognize they must work together to establish the critical connections necessary to improve security in a shared threat environment," said Dennis Heretick, former chief information security officer for the Department of Justice and chair of the Symantec Government Symposium Advisory Board. "The federal government has a number of gifted leaders that understand the evolution of threats and deserve strong commendation for taking a dynamic approach to risk management. As such, the federal government owns a significant opportunity to share best practices with private industry and state and local government to improve information security."
"Both public and private sector organizations are dealing with a new threat landscape that extends beyond the perimeter to encompass every endpoint that connects to a network," said John McCumber, strategic programs manager for Symantec. "As the study illustrates, today's security challenges -- from preventing data breeches and ensuring the privacy of confidential data to protecting critical infrastructure -- are not limited to a single sector. By taking an information-centric approach to security, organizations can be confident in that their most critical data is protected, wherever it resides."