1 minute read 5 Apr 2023
Security guard watching monitors in control room

Key trends in federal cybersecurity investment

By Scott Smith

EY US Government and Public Sector Cybersecurity Partner/Principal

Author on topics such as identity and access management, security analytics and machine learning. Long history advising government clients to successfully deliver long-lasting, transformative impacts.

1 minute read 5 Apr 2023

Show resources

  • Key Trends in Federal Cybersecurity Investment - January 2023 (pdf)

Is your agency prepared to detect and respond to a cyber event? 

Show resources

  • Download the full report: Key Trends in Federal Cybersecurity Investment

Conduct a cyber tabletop training exercise each year and include multiple stakeholders from the start.

Large multiagency tabletop exercises have shown how preparation for a cyber response helps organizations enhance their cybersecurity posture. Including multiple groups, such as legal, public affairs and business units, into tabletop exercises is critical for success. 

Prioritize and implement a cyber supply chain risk management (SCRM) program – early detection of supplier risks will enable risk-informed decisions.

With continued federal government requirements for stronger SCRM, agencies must prioritize SCRM and establish programs to mitigate risk as supply chains are increasingly targeted by adversaries.

Cyber threat intelligence (CTI) programs are essential – actionable intelligence tailored to your agency needs.

CTI enables effective decision-making to mitigate information security risks​. CTI is not just an indicator of compromised feeds or detection signatures. It is a holistic program designed to inform information security risk mitigation and provides the foundation for threat hunting, controls design for defense in depth and other risk mitigation strategies.

Be prepared across all five pillars of zero trust – establish a security framework that covers all aspects of zero trust.

Zero trust frameworks and use cases vary by organization and function. EY teams are help multiple agencies focus on business and cyber use cases with zero trust solutions across the five pillars to include mapping to the DHS CISA Zero Trust Maturity Model.

Summary

We partnered with Market Connections to design a survey across federal civilian and defense agencies to understand key trends in cybersecurity investments. Where are agency leaders focusing their time and resources? How can they make the most of their spending dollars and what are their current priorities?

About this article

By Scott Smith

EY US Government and Public Sector Cybersecurity Partner/Principal

Author on topics such as identity and access management, security analytics and machine learning. Long history advising government clients to successfully deliver long-lasting, transformative impacts.

Contact us

Like what you’ve seen? Get in touch to learn more.

Contact us