Government Security The Almighty Buck Your Rights Online

Cash-Strapped States Burdened By Expensive Data Security Breaches

CowboyRobot writes "As budgets are pinched by reduced tax collection, many U.S. states are facing a possibility of not being able to handle the ever-increasing number of data breaches. 70% of state chief information security officers (CISOs) reported a data breach this year, each of which can cost up to $5M in some states. 'Cybersecurity accounts for about 1 to 2 percent of the overall IT budget in state agencies. ... 82 percent of the state CISOs point to phishing and pharming as the top threats to their agencies, a threat they say will continue in 2013, followed by social engineering, increasingly sophisticated malware threats, and mobile devices.' The full 2012 Deloitte-National Association of State Chief Information Officers (NASCIO) Cybersecurity Study is available online (PDF)."
  • Cry A Fucking River (Score:3, Informative)

    by Anonymous Coward on Sunday October 28, 2012 @04:46AM (#41795057)

    So they "cannot afford" 5% of their IT budget going into Security? 5% is a realistic number, as military R&D programs apparently spend on the order of 10 to 20% of their R&D budgets just on IT security, managing all the security measures etc. It is high time to accept that IT Security is not optional - it must be architected into any IT system from day one. All IT concepts must be checked for their security by professionals who have a clue about Computer Science and Computer Security.

    I know that the MBA Clueless are overruling sane security arguments these days; I know that the MBA Ignorants don't want to spend a penny on proactive IT security; I know that MBAers cannot think rigorously. Government managers are probably even more stupid than the MBA Crap, but we won't fix security by whining and hand-wringing. We cannot "bolt on" security; instead sane security methods and practices must be applied.

    If you cannot afford IT Security, you simply cannot afford IT. Then simplify your processes, use paper and actually do some work instead of getting fat in a government chair.

    The rational way forward would be to pool resources with other states and get economy of scale from that. This requires that processes are standardized and that lawmakers don't make fucking stupid legislation which requires billions of dollars in bespoke software development.

  • by Salgak1 ( 20136 ) <salgak.speakeasy@net> on Sunday October 28, 2012 @05:08AM (#41795105) Homepage
    Don't remind me. I work at an unnamed Federal Agency. Routinely, I write up problems and solutions, not just for the immediate issue, but for the problem in general.

    And then . . . . . crickets. But Ghod forbid that I don't "produce" a number of incident write-ups/etc per shift. . . .

    Alas. . . .there ARE no private sector jobs I seem to be able to get: I'm stuck in the Federal "ghetto". . .
