By Tom Kennedy, General Manager at Axonius Federal Systems
Data silos are a government efficiency and cybersecurity killer. Agencies that operate in silos lack cross-department collaboration and experience data fragmentation, both of which can result in duplication of efforts and an incomplete picture of potential risk.
The Trump administration’s Executive Order establishing the United States DOGE Service intends to modernize federal “technology and software to maximize governmental efficiency and productivity.” While the EO does not explicitly address cybersecurity, the modernization effort applies to all government technology and calls for “interoperability between agency networks and systems.”
In other words, no more silos.
Agencies are now mandated to unify data from various sources while ensuring data integrity and “facilitating responsible data collection and synchronization.” While agencies have strived for years to achieve this outcome, they now have a formal directive from the president’s desk that gives them the authority to do what they must to collect, combine and collaborate through a single source of information.
Here’s how to take advantage of this opportunity, yield greater efficiencies, further innovation and strengthen cybersecurity.
Build a Comprehensive Asset Inventory
First, consider the number of assets an agency has in its ecosystem, including the devices, applications and other IT systems connected to the network. Are there hundreds of assets? Thousands? Hundreds of thousands? What are these assets? What other assets do they connect to?
Most agencies do not know the answers to these questions because they do not have complete visibility into their assets. They may even have multiple partial views that are inconsistent, incompatible and incomplete. Worse, it becomes increasingly difficult to maintain an accurate asset inventory as the number and complexity of assets continues to grow.
Data silos make it almost impossible to overcome asset management challenges. Each cybersecurity tool tends to have a specific owner, an individual or a team. Often, they do not share information, making it difficult for the agency to gain a holistic view of their asset inventory. Without this view, the agency could miss significant cybersecurity gaps and vulnerabilities resulting from an unpatched device or application, an asset susceptible to a known vulnerability, and more.
Breaking down silos allows agencies to pool this information and gain a better understanding of the assets they have and the data they’re collecting. Democratization of assets and data enables teams to identify weaknesses and vulnerabilities, as well as outdated or unused assets that may be wasting resources. With this information, they can proactively respond to potential issues before they become significant problems, providing a more streamlined and efficient asset ecosystem and significantly minimizing their attack surface.
Use Time Spent on Manual Tasks to Further Cybersecurity Innovation
Gaining a complete view of all resources also reduces the tedious, manual and inefficient work required to ensure the security of agency networks. Traditionally, security managers have spent hours attempting to find and secure assets, a task made more difficult by having incomplete information. Accessing a comprehensive, up-to-date inventory of assets at any time eliminates the need for time-consuming and error-prone manual asset inventory management.
Instead, security and IT managers can focus on providing their agencies value-added, innovative solutions that strengthen their security postures over the long term. With complete and shared access to assets and data, they can collaborate to create programs and processes that help them predict and navigate risk, decrease incident response time and finally gain an advantage against adversaries. Often, the system of truth for asset intelligence is also the foundation for driving active remediation and proactive security measures.
For example, teams can use their silo-free environments to work together to improve the enforcement of security policies and regulatory best practices. They can implement processes that automate response actions if an asset violates the agencies’ policies and continually check assets against those policies to maintain proper cybersecurity hygiene. They can also automate the collection and analysis of data and how it’s reported to government agencies, which saves time and ensures the information provided to the Cybersecurity and Infrastructure Security Agency and other organizations is accurate.
With everyone working together, using the same asset and data inventory, agencies can benefit from the collective experience of IT and security professionals. They can collaborate to make better decisions and solutions efficiently yet effectively.
Make Asset Management a Top Modernization Priority
The federal government has been on an IT modernization path for many years, but establishing DOGE will likely push these efforts into a new phase. The Trump administration is committed to reducing unnecessary redundancies and eliminating outdated solutions that cost a lot of time and money to maintain. Modernization is critical for reaching these goals.
However, technological modernization is only part of the solution. Agencies must also modernize their processes and eliminate silos for greater collaboration, information sharing and intelligence gathering. Providing IT and security managers with comprehensive visibility into their entire asset inventories will improve efficiency and accelerate cybersecurity innovation. This practice should be at the top of agencies’ modernization priority lists in 2025.
