Those providing products and services to the United States government have surely noticed that cybersecurity has captured the buzz in Washington. Businesses everywhere are seeking to define and refine their service offerings to capture increased government spending. But have they reflected upon the health of the information security practices followed by their own business enterprise?

According to a recent report by Forrester Research, enterprises are overly focused on compliance and not focused enough on protecting their secrets (i.e., intellectual property, earnings and financial information, merger and acquisitions data, and product schematics).

It begs the question, should the private sector be prequalified to extend their cybersecurity products and services to the government based upon how well they are protecting their own businesses? Stated differently, how can you be qualified to extend services to the government if you are not able to first protect your own information assets?

Interested in continuing this article?

Subscribe here to receive our print magazine, GovConExec.