Five Things The Government’s Cybersecurity Providers Should Have — And Usually Don’t (From Forbes)

Cybersecurity is an infant industry. It barely existed before the Worldwide Web was invented in the 1990s, and it hasn’t really stabilized since then. As in other infant industries, customer needs keep changing, new suppliers keep appearing, and there is little agreement on standards. Unlike in most other industries, though, the consequences of failing to perform could be catastrophic. So users of cybersecurity services, particularly the federal government, need to think clearly about what attributes are most valuable in their providers. Next month, the Lexington Institute will release a study focusing on the five characteristics that are most important in companies offering cybersecurity services — the ability to provide situational awareness, full-spectrum skills, operational agility, organizational maturity, and enterprise commitment. Only a handful of companies can satisfy all five criteria today. I have written a commentary for Forbes that you can read here.