The security advocacy group said that federal systems rated as low- or moderate-impact targets would have cybersecurity controls not designed to stand up to skilled and well-funded hackers.
In its analysis of the state of government cybersecurity just published, the CSI said that so-called high-end threats are now the norm not the exception,
In the analysis - entitled Keep it Clean: Maintaining the Integrity of your CMDB through Change Detection - the CSI said that federal and private sector IT professionals increasingly report that the attacks they confront on a regular basis are from highly skilled, highly motivated and well-resourced actors - ranging from the Russian mob, to the Chinese military, to organized cybercriminals.
Speaking with Network World, Rob Housman, acting executive director at the CSI, said that, if an Internal Revenue Service investigation isn't the sort of thing that you want to have a higher degree of protection against a sophisticated attacker, I don't know what is.
Housman, who served as assistant director for strategic planning in the White House drug csar's office, told the newswire that, in almost all his conversations with both public- and private-sector CIOs, CISOs and others, they see their main threat as coming from sophisticated hackers.