By Jim Hansen, VP of products, security and cloud, SolarWinds
Since 2006, U.S. agencies have been the victims of more than 100 cyber attacks.
In 2018, on average, there appears to have been at least one reported incident per month in the government sector. That indicates that cyber attacks aren’t slowing down. They’re ramping up.
The U.S. government is taking steps to combat these incidents.
Programs like the Department of Defense’s Comply-to-Connect and the Department of Homeland Security’s Continuous Diagnostics and Mitigation efforts are great examples of federal agencies proactively trying to get in front of hackers.
But there’s even more that can be done at a grassroots, day-to-day level.
Agencies can begin by fortifying their security defenses with their most valuable asset—their people.
And they can finish by employing technologies that can give those people the tools they need to maintain strong security postures that can turn away even the most aggressive attacks.
Here are three strategies federal agencies should consider adopting in their efforts to lessen the number of cyber attacks against government organizations.
Put everyone in charge of security
Employees can be an agency’s most effective line of defense. People make security policies and, just like in an airport, can be the first to spot impending threats.
Remember the old adage “if you see something, say something”? It applies just as much in the federal IT space as it does anywhere else.
Maintaining good security must be everyone’s responsibility, not just a select few.
It is incumbent upon CIOs and security managers to instill a culture of information sharing among their colleagues no matter what position they hold.
Teach all agency employees to look for warning signs and share information immediately whenever they notice what might be a red flag, no matter how innocuous it may seem.
It’s always better to err on the side of caution, rather than pay a hefty price later.
Focus on continuous training and education
A recent SolarWinds survey of federal IT professionals found that 43 percent of respondents felt that inadequate user training was a barrier to system optimization.
That’s problematic for a number of reasons.
First, the less training a person receives, the more likely they may be to make a mistake—and mistakes can lead to the unintentional dissemination of critical information or allow hackers (via things like phishing attacks) to gain a foothold in the network.
Second, lack of training could prevent IT professionals from becoming experts on how to use security systems effectively or from understanding evolving threat vectors.
Knowledge is, indeed, power.
To that end, senior leadership should strive to continually impart and reinforce knowledge among federal IT administrators in charge of security.
This can be done in several ways—through weekly meetings, quarterly check-ins, threat reports, message boards, and more.
Technology training can be augmented with sessions that focus on hacker tactics, the latest malware, insider threats, and other items related to risk management.
Regardless of the method, training must be held consistently and regularly, as the threat landscape is continually shifting.
Agencies should also strive to maintain compliance with Defense Department Directive 8570, which provides guidance and procedures for training, certification and management of government employees in charge of information assurance.
Support employees with the right tools for defense
An army doesn’t go into combat without the right weaponry.
Therefore, it’s important to arm security managers with an array of tools that can be used to effectively mitigate cyber threats.
Firewalls are, of course, critical, but can be ineffective if data exfiltration occurs over Domain Name System (DNS) traffic.
Agencies need a more robust suite of solutions and strategies for detecting both external and internal threats.
Network monitoring technologies are important, as they can automatically scan for and alert managers to potential intrusions.
But agencies that employ hybrid IT environments—where some applications exist on-premises while others are hosted in the public cloud—should go beyond traditional network monitoring and employ methods that monitor data as it passes between their cloud provider and in-house data center.
There are other policies and procedures that agencies should consider implementing.
For example, since unpatched software is extraordinarily vulnerable, agencies may also wish to adopt a Microsoft-like “Patch Tuesday” mentality, setting aside a specific day of the week to update their systems.
They may also engage in regularly scheduled “red team” exercises that mimic real-world risk scenarios to test their agencies’ cybersecurity defenses.
When it comes to shoring up cyber defenses, there truly is no time to waste.
The next attack is imminent, and will probably happen this month if history is any indication. Agencies cannot afford to sit back and wait.
Taking some simple steps now can help turn back that attack before it has the chance to do significant damage.
About the Author
Jim Hansen has 18 years of experience building and delivering simple and easy-to-use software solutions in the security market.
He is passionate about customers, understanding their needs, and delivering solutions that make their jobs easier and their infrastructures and data more secure.
SolarWinds Returns to Compete in the 2019 ‘ASTORS’ Homeland Security Awards Program
As a 2019 ‘ASTORS’ Homeland Security Awards Program Competitor, SolarWinds Network Configuration Manager will be competing against the industry’s leading providers of Innovative Network Security, Access Control & Authentication, and Security Incident & Event Management Solutions.
Good luck to SolarWinds® on becoming a Winner of the 2019 American Security Today’s Homeland Security Awards Program!
SolarWinds® Takes Double Platinum in the 2018 ‘ASTORS’ Homeland Security Awards Program
Best Network Security Solution
Network Configuration Manager
Best Security Incident & Event Mgmt Solution (SIEM)
SolarWinds Log & Event Manager
*SolarWinds was also recognized in the 2017 & 2016 ‘ASTORS’ Homeland Security Awards Programs with Platinum Award Wins.
The Annual ‘ASTORS’ Awards Program is specifically designed to honor distinguished government and vendor solutions that deliver enhanced value, benefit and intelligence to end users in a variety of government, homeland security and public safety vertical markets.
Over 130 distinguished guests representing National, State and Local Governments, and Industry Leading Corporate Firms, gathered from across North America, Europe and the Middle East to be honored among their peers in their respective fields which included:
- The Department of Homeland Security
- The Federal Protective Service (FPS)
- Argonne National Laboratory
- The Department of Justice
- The Security Exchange Commission Office of Personnel Management
- U.S. Customs and Border Protection
- Viasat, Hanwha Techwin, Lenel, Konica Minolta Business Solutions, Verint, Canon U.S.A., BriefCam, Pivot3, Milestone Systems, Allied Universal, Ameristar Perimeter Security and More!