Government IT Modernization Driven by Security Concerns
According to Government Index for IT Modernization, a new study of U.S. government IT decision makers, commissioned by IBM, nearly 70% of those surveyed view security risks as the top barrier when migrating to modern cloud platforms. Of those surveyed, security also now outweighs reducing costs by almost double as the reason to modernize IT infrastructures.
Recent cybersecurity threats including SolarWinds, one of the largest supply chain attacks in recent history, and the Kaseya cyberattack impacting 1,500 global organizations, have put a spotlight on current cyber threats and existing vulnerabilities. In an urgent response, President Biden issued an executive order, urging federal agencies to modernize and protect their data from existing and future threats.
As federal government agencies look to make decisions for their long-term strategies, IBM's new market research provides insights into the critical role of security and privacy in cloud adoption and modernization decision-making. The study, conducted by Morning Consult on behalf of IBM, surveyed over 500 current and former IT government decision makers based in the U.S. found that modernization drives security.
With cybersecurity attacks on the rise, so too are budgets to protect data. According to the study, more than 75% of respondents cited migrating and managing data from legacy systems to the cloud as a challenge for their current or former agency, with security was cited as the top barrier but also as a main driver.
The study found that between 64% and 82% of respondents believe their current or former agency is very prepared or somewhat prepared for a wide range of current and future threats, from ransomware to post-quantum attacks. Yet more than 40% believe it will take three or more years to comply with the Biden Administration Cybersecurity Executive Order to implement zero trust and encrypt all data, an eternity in a world where security breaches occur with increasing regularity. This contradiction is further reinforced when looking at the current use of baseline security protocols – more than half of IT decisions makers surveyed say their cloud administrators does not always require complex passwords (50%) and two-factor/multi-factor authentication (51%).
50% of the respondents report their agency is using a mix of security tools for on-premise and cloud threats, creating a gap in visibility. At the same time security is the top concern holding 46% of responding government IT decision makers back from working with third party vendors. With the average federal agency using 10 or more cloud providers and working with hundreds of third parties, managing risk across this growing attack surface is expected to further complicate security.