COMMENTARY

What to do when cyber hygiene isn't enough

You didn’t have to peruse the latest Verizon Data Breach Report to know that cyber-attacks remain one of the clear and present threats of our time, with an intensity that shows little signs of abating.

 Cyber breaches affect everyone, small and large businesses, as well as networks residing in the public sector. Public sector networks with their treasure trove of sensitive information face vigorous targeting by nation states and cyber criminals looking to steal anything that isn’t bolted down.

Helping government agencies lock the door to keep external threat actors out, combined with education and training, can only go so far. There will always be a vulnerability. How can those selling security solutions help the government mitigate security threats when good cyber hygiene isn’t enough? Here are five things to consider.

  1. Preemptive Hunting: Protecting agency networks from cyber criminals requires thinking like the adversary: Putting yourself in that mindset to consider where they would go next, identifying what trails they would leave, what you would do at each stage of a cyber-attack, etc. This approach can be more effective at preemptively isolating vulnerabilities than simply reviewing alerts after the fact.
  2. Figuring Out What You Can Interrupt: A follow-on from thinking like an adversary is figuring out what can be interrupted. What are the steps an adversary will take to get to administrative privileges within a government network, for example, and how can those steps can best be interrupted? How would they get to the point where they are masked and how can those attempts be stopped? Here speed matters, as detection and investigation need to occur in minutes before the adversary can cause lasting damage.
  3. Embracing the Cloud: While security concerns related to cloud adoption persist, they are evaporating. In fact, government agencies should be educated on how cloud can augment security. The ability to aggregate threat data, while leveraging cloud-scale AI, will advance vulnerability analysis. The end result will be fewer “unknowns,” as it’s likely that the malware or vulnerability identified by one agency has already been seen by another. (One thing to note, this will require a far greater level of information sharing among government agencies to really see the benefits of crowdsourcing as a method for early detection and proactive patching.)
  4. Knowing your Network: One of the biggest challenges government agencies face, and where industry can help, is helping them know what’s on their network. You can’t defend what you don’t know, so understanding the network topology is table stakes when it comes to defending a network. This is a task made more complex with the growing prevalence of cloud, mobility, IoT and Shadow IT.
  5. Planning for Compromise: Help your government customers maintain a plan for when they are breached. It’s a matter of when, not if, for many of them. I use the word maintain because what it means to be resilient will evolve as the threat evolves. As mentioned above, an important step is an evaluation of what they have in their network but also, they need to think through scenarios like what happens to the survivability of a network if a phishing link is clicked, what is our backup plan, etc.

Those overseeing the $15 billion a year in federal security spend know that their IT environments will never achieve zero vulnerability or zero threat. In your conversations with C-level executives and program managers, show how you can help their office, branch or agency be better postured to handle the inevitable. Demonstrate you can utilize your visibility, analytics or cloud-based solutions to better understand threats and bad actors and be more proactive in defending your network and determining next steps after a breach.

About the Author

Lloyd McCoy is a manager on the Market Intelligence team at immixGroup, an Arrow company, which powers the future of public sector IT. The team utilizes a research-driven approach to help technology companies develop successful business strategies to sell to the public sector. He can be reached on LinkedIn at www.linkedin.com/in/lloydmccoy/

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • POWER TRAINING: How to engage your customers

    Don't miss our Aug. 2 Washington Technology Power Training session on Mastering Stakeholder Engagement, where you'll learned the critical skills you need to more fully connect with your customers and win more business. Read More

  • PROJECT 38 PODCAST

    In our latest Project 38 Podcast, editor Nick Wakeman interviews Tom Romeo, the leader of Maximus Federal about how it has zoomed up the 2019 Top 100. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.