The federal insider threat market is on pace to surpass $1 billion in fiscal 2020, according to Bloomberg Government’s insider threat market definition. This increase stems from federal agencies’ growing reliance on cybersecurity products and services designed to address both internal and external security threats.
Now almost a decade since former President Barack Obama signed Executive Order 13587, creating an insider threat task force and detection program, the disclosure of sensitive government information – whether accidental or deliberate – remains an ongoing challenge. Increased telework due to the Covid-19 pandemic may pose insider threat concerns as government agencies may find it more difficult to protect and monitor their employees and contractors working remotely.
To address these and other insider threats, federal agencies will require products and services from contractors, including security awareness training, user activity monitoring, and behavioral analytics. Bloomberg Government has defined an insider threat market in our Contracts Intelligence Tool so that contractors can analyze historical spending and better anticipate upcoming contract opportunities.
The market definition includes insider threat-specific contract obligations, such as training and monitoring employee use of government systems, as well as spending and services that have applications beyond insider threat. The definition draws from insider threat attributes that align with other government-wide cybersecurity initiatives, such as zero trust. For example, identity and access management or data loss prevention tools can be just as useful for catching hackers who have penetrated government networks as they are for mitigating the risks posed by untrustworthy insiders.
A Growing Market
Agency insider threat-related obligations have increased annually since fiscal 2017 and has risen to $970 million in fiscal 2019. Based on year-to-date spending in fiscal 2020, federal agencies are on track to exceed $1 billion in fiscal 2020, which ends Sept. 30.
The top agencies buying insider threat-related products and services are the departments of Defense, Homeland Security, Health and Human Services (HHS), and Veterans Affairs. All of the top four agencies, which account for about two-thirds of insider threat obligations annually, spent more on insider threat in fiscal 2019 than in fiscal 2018, with the exception of HHS, which fell by 25%. Yet, HHS has already spent more in fiscal 2020 than in fiscal 2019 with more than a month left in the fiscal year, mostly due to purchasing a $30 million IT analytics platform from Perspecta Inc. that could, in theory, be used to analyze insider threats.
Large agency- or government-wide multiple award contracts and schedules account for the top nine contracts in the market since fiscal 2016. They include the National Aeronautics and Space Administration’s Solutions for Enterprise-Wide Procurement V, the General Services Administration’s Schedule IT-70, DHS’s Enterprise Acquisition Gateway for Leading Edge Solutions II, HHS’s Chief Information Officer – Solutions and Partners 3, and VA’s Transformation Twenty-One Total Technology Next Generation.
Increases in telework due to Covid-19 may mean even higher spending on insider threat in fiscal 2020 and fiscal 2021. Covid-19-related insider threat obligations total $17.4 million to date, not including most of the Pentagon’s spending in this area due to a 90-day reporting delay for national security reasons. The departments of Veterans Affairs and Treasury account for most of the Covid-19-related insider threat obligations, $11.8 million and $3.8 million, respectively.
Telework could further emphasize the need for technologies that monitor and detect anomalies in employee network and data use, especially as classified work goes remote in the Covid-19 era. Since classified telework is a relatively new concept, agencies are likely to require extensive training to ensure federal employees and contractors are aware of any new rules and best practices associated with working in an environment shared with family members and where there may not be windowless rooms. IT products that closely monitor user activity and behavior may be more important than ever.
Note: This Is IT is a weekly column by Bloomberg Government focused on information technology matters affecting government contractors.
To contact the analyst on this story: Laura Criste in Salt Lake City, Utah at email@example.com
To contact the editor responsible for this story: Daniel Snyder at firstname.lastname@example.org