9/11 Anniversary Raises Cyberterror Questions

Security vendor nCircle has released a survey that says while 86 percent of IT executives believe their organizations are sufficiently safe from cyberterror attacks, 85 percent of them don't think U.S. government agencies are adequately prepared for such assaults. The study is based on an August poll of 395 IT executives.

Among the questions the company asked were, "Five years after 9/11, do you feel that U.S. government agencies are prepared for cyberterrorism?" and, "Five years after 9/11, is your organization prepared to defend against cyberterrorism?"

Respondents proved themselves to be supremely confident in their own defensive abilities and extremely skeptical of the government's.

In fact, these executives may be overestimating their own capabilities. As nCircle CEO Abe Kleinfeld suggests, IT executives don't yet have many reliable ways to measure how prepared they are for network attacks launched by would-be terrorists, primarily because they haven't really happened yet.

Sponsored post

"Organizations will tout their own readiness to defend against cyberterrorists " even when the enterprise is vulnerable," Kleinfeld said in a statement. "But few hold the same confidence in the federal government. The Feds, at least, have a consistent and objective way to measure their readiness, or lack thereof."

He said government agencies' poor response so far to the Federal Information Security Management Act (FISMA) has contributed to this negative perception. The U.S. government enacted FISMA in 2003 to promote compliance with minimum security standards, but agencies so far haven't met the law's objectives.

"The fact that the Feds scored a cumulative D+ on their FISMA rating the last two years in a row supports this lack of confidence," Kleinfeld noted.

That doesn't mean IT executives in the private arena should feel free to gloat.

"The commercial sector can claim what it wants, but without an objective and standardized risk scoring system, all [they have] are anecdotes and guesswork," Kleinfeld contended.