But like any large bureaucracy , change comes slowly within the government — and making even minor , security architecture changes will take even lon- ger .
www . AmericanSecurityToday . com August 2021 - Edition 57
To further complicate matters , for many years , there was no viable career path for cyber- security within government , which has led to a lack of both the resources and expertise needed to solve today ’ s prob- lems .
Worse still , it can be difficult for the government to hold onto expertise , as top talent tends to make its way to more profitable commercial ventures . More ef- fective resourcing is needed , but those shifts can also take time .
Technological pitfalls are also essential to consider . Investments in operational tech- nology ( OT ) are expected to be long-term investments . After all , replacing an industrial control system or air traffic management system is not as simple as swapping out laptops every two or three years .
These systems are expected to be in place for decades , which means the developer or man- ufacturer may never address vulnerabilities , especially since some of them may not even have a system to pro- vide updates .
Unfortunately , adversaries will always be looking for po- tential openings , and the lon- ger a device or system is in service , the greater the likeli- hood that an attacker will find one of these vulnerabilities .
26