Solutions

Vulnerability Management Configuration Compliance PCI Regulations Government Consensus Audit Guidelines

IT GRC nCircle Technology Small Businesses CSO Center Secure Everywhere
Products

nCircle PureCloud nCircle Benchmark Suite360 Intelligence Hub Configuration Compliance Manager File Integrity Monitoring

nCircle IP360 WebApp360 PCI Scan Service HITRUST Service
Services

VERT Consulting Services Training
Customers

Testimonials Case Studies
Partners

Suite360 Partner Portal
News

Articles Press Releases Awards Certifications Events
Resources

Data Sheets Case Studies White Papers Regulation Mappings Analyst Reports Bellwether Metrics Security Survey Results

Tools Podcasts Webinars Videos VERT Alert Patch Priority Index
Support

Customer Portal Login
Community

Blog Worldwide User Conference nCircle Viewpoint
Company

Board of Directors Investors Employment Job Openings Contact Us Trust Stewardship

Security Survey Results

nCircle 2012 Federal Security Trends Survey

"When you ask a question about 'security' concern and a large percentage of people direct their response toward 'compliance', it is an indication that we have our priorities in the wrong place," said Keren Cummins, director of federal markets for nCircle. "As an industry, we are trying to get people to think about 'threat-directed' security. Let's hope that compliance is not considered a threat to federal IT security personnel. The government needs to make certain that compliance initiatives are contributing to security rather getting in the way.

"While cloud migration appears to be moving at a slow pace, with the vast majority of agency respondents indicating that one-third or less of their infrastructure has been migrated to the cloud, approximately 10% of those who are using cloud are already migrating moderate impact data, speaking to a growing level of confidence in both the technology and policies that can enable higher risk use of the cloud," said Keren Cummins, director of federal markets for nCircle.

"Only a very small percentage of respondents acknowledge a role for FedRAMP's baseline security controls in advancing their migration to the cloud," said Keren Cummins, director of federal markets for nCircle. "Perhaps security is not an issue for the remainder, but it appears that FedRAMP still has some work to do to communicate the benefits of its security guidance. Thus far, it is not resonating and/or building confidence among agency heads, enough to significantly advance their move to the cloud."

"Mobile security is a topic of increasing concern. On encouraging note, it appears that a significant majority of agencies do indeed have a mobile device security policy in place, and that they enforce it," said Keren Cummins, director of federal markets for nCircle. "Concerns about various types of mobile devices span the gamut, although Android and iPhone represent the greatest concerns in the federal government."

"Interestingly, when asked about their plans for monitoring such devices, almost twice as many folks do not have a strategy for monitoring the variety of mobile devices being introduced into the government space, as those who do," said Keren Cummins, director of federal markets for nCircle. "As industry steps up with more mobile monitoring solutions, I suspect we will see a shift in this data."