White Paper: Top 10 Guide to Data Security for Federal Agencies
Web application and database security remains one of the most vulnerable areas across federal agencies as well as the private sector in virtually every geography and business vertical. An essential difference between enterprises and federal agencies is the attacker. Attacks on federal agencies are generally not financially motivated, they are political. The attackers often have military or intelligence agency level funding and support thus substantially increasing the threat level.
Irrespective of attacks from inside or outside an organization data remains the prize. Traditional network security controls while valuable and necessary simply don't scale to address data-centric attacks, and organizations need to augment them with data-centric solutions focused on the targets: Web applications and databases. But federal agencies are not just focused on security – they also need to demonstrate compliance to both agency and congressional mandates.