This publication and the abstract below was published by The Belfer Center in April 2018. ICIT strongly encourages you to visit the The Belfer Center Publication Library to search for additional information security resources which are freely available.

The Belfer Center : Understanding Federal Cybersecurity

Federal networks are attractive targets for foreign intelligence services and other malicious actors in cyberspace. They enable government missions and operations, handle sensitive internal communications, and store personal data on millions of Americans. The level of threat faced by federal government networks has few parallels, and agencies have been unable to keep up. Multiple compromises—including those of the Office of Personnel Management, the Department of Defense, the Department of State, the Executive Office of the President, and the Internal Revenue Service—have exposed agencies’ missions to risk and undermined trust and confidence in the government.

Securing federal networks, one might imagine, ought to be simpler than other aspects of U.S. Cybersecurity policy. The issue is not a partisan one, nor do the solutions require as much cajoling and influencing of nongovernmental actors, like critical infrastructure operators. So why is it so difficult to secure these systems appropriately? Answering this question requires first understanding the complex environment of federal cybersecurity efforts. Only then can analysts examine why roadblocks remain and what solutions may be most effective.