How agencies' security efforts can drive economic growth

Cybersecurity research

Understanding the link between cybersecurity, physical assets and economic growth can help the government design an approach that provides both IT and economic security. A cyber incident can have physical impacts, while a physical incident can have cyber implications -- and both are likely to come with economic costs.

To foster a climate in which cyber and physical assets foster economic vitality, both risks must be addressed and technology must be seen as a key player in economic development.

A security breach can have devastating economic effects and hinder the public's ability to receive the services it needs. In a 2014 Ponemon Institute study on the economic consequences of advanced persistent threat attacks, the majority of organizations surveyed said targeted attacks are the greatest threat, costing them on average $9.4 million in brand equity alone.

And the costs of those breaches continue to rise. According to Ponemon's 2014 U.S. Cost of a Data Breach Study, the organizational cost of data breaches has increased from $5.4 million to $5.9 million.

The ability to attract companies that drive economic and job growth might be affected should businesses hesitate to choose a location that has not protected its data from hackers. And people might avoid living and working in a region that loses its ability to provide services to constituents because of an inability to protect physical assets, such as automated water or electrical systems, from a cyberattack by hostile actors.

The connection between economic vitality and security is a critical consideration for government at all levels. Long-term, sustainable economic vitality is dependent on individuals' and businesses' use of technology to accelerate productivity. Yet greater use of technology also increases risk. The threat of data breaches, hacking attacks and loss of information increases in a way that could hinder economic growth, opportunity and stability. Accordingly, governments must focus on how to prevent both inadvertent and deliberate security risks.

To accomplish that objective, government agencies can adapt and incorporate security intelligence in their physical and cybersecurity solutions to help drive economic security and vitality. Security intelligence uses real-time data, advanced analytics and expert analysis to predict, identify and react to potential threats. Security intelligence goes far beyond the normal limits of IT security by automatically monitoring, analyzing and prioritizing an organization's risk landscape.

Sophisticated correlation and analytics, advanced threat analysis and continuous monitoring proactively highlight risks, helping to identify, track and address threats throughout an organization. Organizations with security intelligence are less likely to have a security breach and are better able to reduce remediation costs should a data breach occur.

To integrate security intelligence and drive economic vitality, agencies must develop a comprehensive, balanced strategy that includes all departments, missions and program owners. Building security intelligence starts by taking three important steps:

  1. Get informed. Take a structured approach to assessing business and IT risks.
  2. Get aligned. Implement and enforce security excellence throughout the organizations, divisions, departments and agencies of local, municipal, regional and national governments.
  3. Get smart. Use analytics to proactively highlight risks and identify, monitor and address threats.

With that approach, government can collaborate with industry to create a strong infrastructure and provide the foundation for delivering critical services and increasing trust and investment in an economy. And with that trust and investment comes growth, so holistically addressing security threats has a significant impact on the ability of agencies to deliver on their missions and contribute to the economy.

The ability to deliver on key public-sector missions in turn affects the economic prosperity of cities, states, regions and even nations. And as threats become more sophisticated and new technologies emerge, government organizations must get smarter about IT security. Those that have adopted security intelligence can meet evolving security and economic challenges in a way that enables mission and economic results.

By beginning with those three steps, government leaders can have a better understanding of where their organization stands, devise a customized plan and bring together business insight, advanced research and technology for a secure position that enables and encourages economic development, growth and vitality.

More on this topic is available in a related IBM white paper.

About the Authors

Dan Chenok is executive director of the IBM Center for the Business of Government.

John Lainhart leads IBM's Public Sector Cybersecurity and Privacy Services.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Shutterstock image: looking for code.

    How DOD embraced bug bounties -- and how your agency can, too

    Hack the Pentagon proved to Defense Department officials that outside hackers can be assets, not adversaries.

  • Shutterstock image: cyber defense.

    Why PPD-41 is evolutionary, not revolutionary

    Government cybersecurity officials say the presidential policy directive codifies cyber incident response protocols but doesn't radically change what's been in practice in recent years.

  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group