Dell Survey Reveals a Majority of Federal Agencies are Using NIST Cybersecurity Framework
Since its release in February 2014, the NIST Framework for Improving Critical Infrastructure Cybersecurity has provided guidance for both government and industry, directing agencies on best practices to mitigate risk and strengthen their security posture. The framework has since had a significant impact in the federal space. A recent Dell survey of federal IT professionals revealed that 82 percent of respondents’ organizations are utilizing the framework to improve their security stance.
Additional survey findings demonstrate that the document is being used as a stepping-stone to a more secure government. In fact, 74 percent of organizations already using the framework indicate that it serves as a foundation for their own cybersecurity roadmap. Further attesting to the document’s advantages, 68 percent of respondents say they look to the framework to improve organizational security and 39 percent use the framework to create a uniform approach to discussing security throughout their agency.
To encourage agencies to fully utilize the framework and take advantage of its many benefits, a number of government departments and agencies, associations, academic institutions and organizations like Dell have developed resources to help support the framework through additional guidance and useful tools. Reflecting the impact of such efforts, 84 percent of survey respondents feel confident that their organization has the necessary resources and guidance to defend against insider threats. As threats increase in sophistication and frequency, this statistic indicates that resources exist, agencies simply need to take advantage of them. For guidance surrounding the NIST Cybersecurity Framework, please visit Dell’s NIST Framework Resource Center.
The NIST Framework Positions Agencies for Cyber Success
The NIST Cybersecurity Framework is just one example of the increased guidance coming from government to help organizations in both the public and private sector improve their security stance. Recent initiatives like the 30-day Cybersecurity Sprint and its follow up, the Cybersecurity Strategy and Implementation Plan, have given government additional resources to bolster security.
The NIST Framework emphasizes the importance of a holistic, end-to-end approach to security and outlines processes and mechanisms for any organization to improve cybersecurity risk management. The framework is intentionally broad in order to support a wide range of organizational needs. Focused on five areas of cybersecurity risk management – identify, detect, protect, respond and recover - the framework recognizes that it is critical for agencies to adopt a holistic approach to security that includes identity and access management, next-gen firewalls, end-point protection and more.
To view the complete results from the survey, please visit //software.dell.com/whitepaper/get-the-balance-right-security-vs-user-productivity890533.
"As security threats continue to increase in sophistication and frequency, holistic, end-to-end security is crucial. The NIST Cybersecurity Framework empowers agencies to identify, detect, protect, respond and recover from cyber threats, and it can serve as an excellent resource for government. Regardless of mission, industry, data type, or threat factor, organizations can use the NIST Framework to strengthen their security posture, develop and enhance cybersecurity roadmaps, improve organizational security and create a uniform security language. From Dell One Identity Manager to Dell SonicWALL’s next-generation firewalls, Dell’s security solutions help agencies get started by supporting the range of security efforts outlined in the framework."
– Paul Christman, VP of Federal, Dell Software
About the Survey
Dell commissioned Dimensional Research to capture hard data on experiences with and attitudes towards the NIST Framework for Improving Critical Infrastructure Cybersecurity and confidence regarding overall IT security. The survey captured responses from 150 IT professionals across the U.S. federal government.
Dell Inc. (NASDAQ: DELL) listens to customers and delivers innovative technology and services that give them the power to do more. For more information, visit www.dell.com.