Despite Government Data Losses, Security Education Spending Not Growing

Out of an annual IT security budget of $5.6 billion, the U.S. is spending $140 million to $150 million annually on security awareness and training.

February 22, 2007

2 Min Read
NetworkComputing logo in a gray background | NetworkComputing

While laptop and data loss continue to plague government agencies, a new report shows that federal spending on user education remains stagnant.

Out of an annual IT security budget of $5.6 billion, the United States is spending $140 million to $150 million annually on security awareness and training, according to Prabhat Agarwal, manager of Information Security Analysis for Input, a government-focused market research and analysis house. That user education number is expected to hold steady through 2012.

Agarwal estimates that government employs between 6 million and 10 million people.

Agarwal says spending on education just isn't where it needs to be, especially in light of the recent report that shows the FBI loses three to four laptops a month, and the Department of Veterans Affairs' ongoing struggle with data loss.

"It will lag where it is until or when another incident occurs," he says. "It's a very event-driven market. [Data loss] is happening more than it's being reported. It's all a question of spending priorities. ...It's a resource issue."In his report, Agarwal says users are the weakest link in the government's security -- much like they are in the corporate world. For the government, though, the Federal Information Security Management Act requires agency employees to pass an IT security awareness exam at least once a year. Along with that, the Committee on National Security Systems issued Directive No. 500 last summer that mandates a minimum standard for education, training, and awareness across the federal government.

Agarwal says many government agencies are taking a technical approach to protecting their data. Government IT managers are taking some of the responsibility out of workers' hands and setting up more automatic safeguards, such as ID management and automatic hard disk encryption.

"I call information security the item sitting in the back closet waiting to be revealed," he says. "It will be revealed when another VA computer loss type of incident occurs."

Read more about:

2007
SUBSCRIBE TO OUR NEWSLETTER
Stay informed! Sign up to get expert advice and insight delivered direct to your inbox
Sign-Up

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

Enterprises investing in new infrastructure to support AI will have to choose between InfiniBand and Ethernet
Enterprise Connectivity
The Impact of AI on The Ethernet Switch MarketThe Impact of AI on The Ethernet Switch Market
byPam Baker, Contributing Writer
Sep 16, 2024
5 Min Read
Blue and purple digital cloud connecting apps and services with campus NaaS.
NaaS
Campus NaaS: Remaking the Campus NetworkCampus NaaS: Remaking the Campus Network
bySalvatore Salamone, Managing Editor, Network Computing
Jul 31, 2024
4 Min Read
DPUs are extensively used to accelerate AI and ML workloads by offloading tasks such as neural network inference and training from CPUs and GPUs.
Network Infrastructure
Harnessing DPUs & How DPUs are Changing Data CentersHarnessing DPUs & How DPUs are Changing Data Centers
byBob Wallace, Featured Writer
Jul 30, 2024
10 Min Read
Webinars
More Webinars
White Papers
More White Papers
Reports
More Reports
Live Events
More Live Events