Federal IT and Labor Cuts

Nextgov's Emily Long published a complete look of the federal government's transition to continuous monitoring today. I'm pointing to the story not because it was done by the news organization I blog for, but because it's the best recap I've seen.

Sometimes the stories surrounding the need for continuous monitoring get lost in the politics behind the change. But at the end of the day, there's a valid reason for moving to a system that enables dynamic and robust daily security implementation. The moral of Long's reporting is that what was once considered long-term and big picture has morphed into small, short term solutions. The landscape of security changes daily, and it wasn't until John Streufert at the State Department learned he could mitigate those changing threats that the rest of the federal government started to believe it as well. Success almost always breeds other successes.

The only part of the story that caught me off guard was John Gilligan's claim that one of the cost cutting possibilities of continuous monitoring would be labor.

"If you can have standard configurations, the deployment costs are dramatically reduced," Gilligan was reported as saying. "If you can automatically update patch systems, the numbers of people you need to do this, network and systems administrators, are far fewer. Generally, organizations have lots of tools but didn't use them in a cohesive fashion. The big savings is far fewer people."

For one, the very idea of continuous monitoring is that more threats are filtering in. More threats, I would think, would demand more hands. Certainly producing paper reports requires an extensive team of people that can now be left out of the equation. But with agencies taking security more seriously, and more threats being discovered with the new processes, it seems more knowledgable heads are going to be in high demand. One of the big problems, as I've discussed many times in this blog, is we don't have the people needed to take on these roles. I suppose the prevailing question here is whether streamlining can create a need for less labor, or if the finding of more vulnerabilities presents new challenges demanding new labor? Seems like a reasonable dynamic worth exploring.