2011 U.S. Cyber Security

State government organizations are more likely to develop IT-security applications in house ({__} percent) than are local government organizations ({__} percent). State government organizations are more likely to provide training to their programmers on secure-software design. Local government organizations are more likely to train on software deployment, operations, maintenance, and disposal. This illustrates the disparity in security spending between federal to local government.

State government organizations are more likely to provide tools to test security for source code or applications. Less than half of local government organizations provide tools to test the security of source code or applications.

More than half of both types of government organizations perform both black-box and white-box testing. Slightly less than two-thirds ({__} percent) of government organizations have a third party review security applications that are developed in house.

State governments are more likely to give employees laptop computers, smartphones, and tablet computers than are local governments. Overall, state government cyber security managers feel encryption for mobile devices is important.

Both organization types are likely to outsource IT-security functions. State governments primarily outsource to global Tier-I providers ({__} percent). Local governments primarily outsource to regional providers or value-added resellers ({__} percent). Political pressure and pricing are both likely reasons for this split.

Overall, cyber-security managers for state governments are more concerned with malware entering purchased equipment. More than half of both organization types test all equipment before installation. Nearly three-quarters of cyber-security managers for state governments require that products be certified before they are purchased.

Report Scope

This study covers the US market of cybersecurity within state and local government, examining applications, mobile devices, outsourcing, and procurement of cybersecurity trends. In addition, this study provides a broader understanding of how state and local governments are taking proactive actions to protect their organizations from cyber security threats. This study also aims at understanding how government organizations are adapting to protect themselves in a constantly changing technology world. Finally this study looks at what applications are being developed in-house, degree of outsourcing of IT security functions and level of concern of malware entering on purchase IT equipment.