People & Tech an Effective One-Two Punch in Gov’ts Cybersecurity Battle

IT managers can do their part by setting forth user policies and sharing them with everyone or making users aware of the latest phishing, “whaling” (hackers targeting high-level employees), or “baiting” (bribing employees in return for information or credentials) scams. This type of knowledge sharing can go a long way toward addressing the insider threat problem, which a recent SolarWinds Federal Cybersecurity Survey found to be a leading cause of security threats.

By Brandon Shopp, Vice President, Product Strategy and Security, SolarWinds

As you’re reading this, a data breach is most likely occurring somewhere in the United States.

On average, there were 20 data breaches reported per day in the first half of 2019.

That’s a sobering statistic, especially given the amount of focus organizations have placed on strengthening their cyberdefenses.

(A federal grand jury has indicted a Chinese national on charges stemming from a massive data breach of Indianapolis-based health insurer Anthem Inc. Courtesy of RTV6 The Indy Channel and YouTube. Posted on May 9, 2019.)

The President’s Budget for FY 2019 allocated US$15B for cybersecurity funding, of which the Department of Defense by itself contributed US$8.5B.

This funding is in direct response to a growing crisis made evident in a 2018 Office of Management and Budget (OMB) risk report.

The OMB called the current situation regarding federal cybersecurity measures “untenable” and cited that 74% of the agencies participating in the report were either “at risk” or at “high risk.”

Will the increased attention and focus on cybersecurity matters make a positive impact?

Perhaps. But only if federal agencies recalibrate their efforts to focus on the two most important factors in the battle against malicious attackers:

  • the People they use to manage the fight, and

  • the Tools those people use as their weaponry

People on the Front Lines

It’s important for government agencies to invest in the right people and training.
It’s important for government agencies to invest in the right people and training.

One of the reasons why hackers have been so successful over the years is their ability to adapt.

They’ll find a vulnerability, exploit it, and move onto something new once the vulnerability has been patched.

It’s important for government agencies to invest in the right people and training.

After all, it’s not machines that adapt and adjust those policies to outflank or respond to the varying tactics used by attackers.

It’s well-trained, knowledgeable, and dedicated personnel.

In the past few months we’ve seen new and highly dangerous threats emerge, like BlueKeep and Dtrack.

These threats come in many different forms—ransomware, malware, and others—and can be hard to respond to without the proper education.

Agencies should encourage consistent training and knowledge sharing about these and other impending threats and emphasize the need for consistent patching and monitoring.

Fortunately, the federal government is getting better at providing exceptional cybersecurity training for its employees.

A case in point is the Federal Cyber Reskilling Academy (FCRA), which offers hands-on training in cybersecurity.

Federal agencies must take advantage of programs like the FCRA if they are to recruit the top-tier talent needed to combat cyberterrorism.

Yet a predisposition toward good cybersecurity shouldn’t begin and end with the federal IT team.

Everyone in the organization, from the chief information security officer on down, should be invested.

IT managers can do their part by setting forth user policies and sharing them with everyone or making users aware of the latest phishing, “whaling” (hackers targeting high-level employees), or “baiting” (bribing employees in return for information or credentials) scams.

This type of knowledge sharing can go a long way toward addressing the insider threat problem, which a recent SolarWinds Federal Cybersecurity Survey found to be a leading cause of security threats.

Technology as a Defense Mechanism

solarwinds netflow traffic analyzer
An agency’s employees are the army leading the charge against cyberthreats, and like any army, they need weapons.

An agency’s employees are the army leading the charge against cyberthreats, and like any army, they need weapons.

In this case, that means tools for IT administrators to automatically mitigate and remediate attacks, track down threats to their points of origin, and understand who’s behind the incidents.

Unfortunately, that’s easier said than done. Indeed, the OMB’s risk report said 38% of federal cyber incidents in 2018 didn’t have a known attack vector.

This is partially due to the siloed nature of government agencies.

The DoD, for example, includes many different branches working independently of one another. It can be challenging to monitor those separate networks, even though an attack on one could directly impact another.

The increasing complexity of federal IT networks, including the move toward hybrid IT environments, may also be a contributing factor.

The more complex those networks become, and the more applications are moved into the cloud, the harder it can be to monitor and manage network activity effectively, especially when some data resides in the cloud.

(Network traffic visibility is more important than ever. SolarWinds NetFlow Traffic Analyzer expands that visibility to include IPv6 flow records, Palo Alto devices, and provides deployment flexibility and support for use of Azure® SQL as a data repository. Courtesy of SolarWinds and YouTube. Posted on Jun 6, 2019.)

Agencies have been performing traditional network monitoring for years, but what they have been doing may not be sufficient in this type of environment.

IT administrators need complete visibility into their networks, regardless of the form they may take—distributed, on-premises, cloud, or hybrid.

NetFlow Traffic Analyzer
IT administrators need complete visibility into their networks, regardless of the form they may take—distributed, on-premises, cloud, or hybrid, and they need to be able to receive immediate alerts whenever and wherever an anomaly occurs.

They need to be able to receive immediate alerts whenever and wherever an anomaly occurs.

If an attack takes place, administrators must be able to trace the incident back to its origins via forensic analysis that can be used across their entire network environment, even in the cloud.

This is the type of sophistication needed to protect against unrelenting enemies that will continue to poke and prod in an attempt to gain access.

Consider it “network monitoring on steroids.”

When combined with a highly skilled and knowledge employee base, it can serve as an effective defensive front against increasingly determined and sophisticated adversaries.

About the Author

Brandon Shopp
Brandon Shopp

Brandon Shopp is vice president, product strategy and security at SolarWinds.

Brandon is a High-bandwidth Product Management professional, experienced with a wide variety of software products, business models, M&A, and go-to-market strategies.

His specialties include product management, enterprise management software, networking, systems management, mergers and acquisitions, M&A, application management, networking monitoring, systems monitoring. 

SolarWinds Worldwide Wins BIG in 2019 ‘ASTORS’ Homeland Security Awards Program

2019 'ASTORS' Awards Program Banquet Luncheon
2019 ‘ASTORS’ Awards Program Banquet Luncheon

SolarWinds Worldwide

  • Best Security Incident & Event Mgmt (SIEM) Solution

  • SolarWinds Log & Event Manager

  • SolarWinds Log & Event Manager (LEM), is a security information and event mgmt (SIEM) virtual appliance that adds value to existing security products and increases efficiencies in administering, managing, and monitoring security policies and safeguards on your network.

  • Best Identity Access Mgmt (IAM)

  • SolarWinds Access Rights Manager

  • SolarWinds Access Rights Manager (ARM) helps IT and Security Admins meet compliance requirements with centralized provisioning, deprovisioning, management, and audit of user permissions and access to systems, data, and files while protecting their organizations from internal security breaches.

  • SolarWinds Access Rights Manager (ARM), manages user access permissions correctly to help prevent insider threats and data breaches while helping IT and Security Admins meet compliance requirements.

(SolarWinds Access Rights Manager (ARM) helps IT and Security Admins meet compliance requirements with centralized provisioning, deprovisioning, management, and audit of user permissions and access to systems, data, and files while protecting their organizations from internal security breaches. Courtesy of SolarWinds and YouTube.)

  • Best Network Security Solution

  • SolarWinds Network Configuration Manager

  • SolarWinds® Network Configuration Manager (NCM) saves time and improves network reliability and security by managing configurations, changes, and compliance for routers, switches, and other network devices from Cisco, Juniper, HP, Dell, Brocade, F5, Aruba, Rukus, and more.

  • It is a network configuration tool to manage configs through automation, backup, and policy management.

  • *SolarWinds has been recognized in the 2019, 2018, 2017 and 2016 ‘ASTORS’ Homeland Security Awards Program.

The Annual ‘ASTORS’ Awards Program is specifically designed to honor distinguished government and vendor solutions that deliver enhanced value, benefit and intelligence to end users in a variety of government, homeland security and public safety vertical markets.

Deanne Criswell
Deanne Criswell the Commissioner of the New York City Emergency Management Department is responsible for oversight of the City’s efforts to plan and prepare for emergencies, educate the public about preparedness, coordinate emergency response and recovery, and disseminate emergency information.

The Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program highlighting the most cutting-edge and forward-thinking security solutions coming onto the market today, to ensure our readers have the information they need to stay ahead of the competition, and keep our Nation safe – one facility, street, and city at a time.

American Security Today is pleased to announce that Deann Criswell, the NYC Emergency Management Commissioner will deliver the keynote address at the 2020 ‘ASTORS’ Awards Presentation Luncheon Banquet in New York City.

Nominations are now being accepted for the 2020 ‘ASTORS’ Homeland Security Awards at https://americansecuritytoday.com/ast-awards/.

Comprehensive List of Categories Include:

Access Control/ Identification Personal/Protective Equipment Law Enforcement Counter Terrorism
Perimeter Barrier/ Deterrent System Interagency Interdiction Operation Cloud Computing/Storage Solution
Facial/IRIS Recognition Body Worn Video Product Cyber Security
Video Surveillance/VMS Mobile Technology Anti-Malware
Audio Analytics Disaster Preparedness ID Management
Thermal/Infrared Camera Mass Notification System Fire & Safety
Metal/Weapon Detection Rescue Operations Critical Infrastructure
License Plate Recognition Detection Products And Many Others!

Don’t see a Direct Hit for your Product, Agency or Organization?

The World Health Organization (WHO) declared the 2019–20 coronavirus outbreak a Public Health Emergency of International Concern (PHEIC) on 30 January 2020 and a pandemic on 11 March 2020. Local transmission of the disease has occurred across all fifty states in the America.

With the unprecedented occurrence of the COVID-19 pandemic, the focus of the safety and security industries has realized the need to increase innovations to address the daily growing challenges.

As such AST aims to make sure these firms and professionals are reflected in the 2020 ‘ASTORS’ Awards Program, so we’d like to encourage you to submit appropriate categories recommendations and include COVID-19 Frontline Professionals in your Nominations to see that these Professionals, Facilities, and Vendors receive the Recognition they Deserve!

Submit your category recommendation for consideration to Michael Madsen, AST Publisher at: mmadsen@americansecuritytoday.com.

The 2019 ‘ASTORS’ Awards Program surpassed expectations with a record number of nominations received from industry leaders and government agencies, and drew over 200 attendees to the ‘ASTORS’ Awards Presentation Banquet – an exclusive gourmet luncheon and networking opportunity which filled to capacity, before having to turn away late registrants.

The 2019 ‘ASTORS’ Awards Luncheon featured an impassioned and compelling keynote address by William (Bill) Bratton, former police commissioner of the NYPD twice, the BPD, and former chief of the LAPD, on the history of policing in America and the evolution of critical communication capabilities in our post 9/11 landscape.

The event featured an impassioned and compelling keynote address by William J. Bratton, former police commissioner of the New York Police Department (NYPD) twice, the Boston Police Department (BPD), and former chief of the Los Angeles Police Department (LAPD), as he walked attendees through 50 years of American policing history, the impacts on the communities, and the evolution of critical communication capabilities in our post 9/11 landscape.

Commissioner Bratton, one of the world’s most respected and trusted experts on risk and security issues and Executive Chairman of Teneo Risk a global advisory firm, was recognized as the ‘2019 ‘ASTORS’ Person of the Year’ for his Lifetime of Dedication and Extraordinary Leadership in Homeland Security and Public Safety.

Why the ‘ASTORS’ Homeland Security Awards Program?

2019 ‘ASTORS’ Homeland Security Awards Luncheon at ISC East

American Security Today’s comprehensive Annual Homeland Security Awards Program is organized to recognize the most distinguished vendors of physical, IT, port security, law enforcement, and first responders, in acknowledgment of their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’

Over 200 distinguished guests representing Federal, State and Local Governments, and Industry Leading Corporate Firms, gathered from across North America, Europe and the Middle East to be honored among their peers in their respective fields which included: 

  • The Drug Enforcement Administration (DEA)
  • National Center for Missing and Exploited Children (NCMEC)
  • United States Marine Corps
  • The Federal Protective Service (FPS)
  • Argonne National Laboratory (ANL)
  • United States Postal Inspection Service
  • DHS S&T 
  • United States Marshals Service (USMS)
  • The Port Authority of New York & New Jersey Police (PAPD)
  • The Department of Justice (DOJ)
  • The New York State Division of Homeland Security & Emergency Services (NYS DHSES)
  • United States Border Patrol
  • AlertMedia, Ameristar Perimeter Security, Attivo Networks, Automatic Systems, Bellevue University, BriefCam, Canon U.S.A., CornellCookson, Drone Aviation, FLIR Systems, Hanwha Techwin, HID Global, IPVideo Corp., Konica Minolta Business Solutions, LenelS2, ManTech, Regroup Mass Notifications, SafeLogic, SolarWinds, Senstar, ShotSpotter, Smiths Detection, TCOM LP, Trackforce, Verint, and More!

From innovative Military Cyber Programs, to LocalState and Federal Public Safety and Emergency Management Initiatives, New Physical and IT Products and Services, and Security Professional, Threat Assessment, Emergency Preparedness, Law Enforcement and Homeland Security Education and Training Opportunities – Join your ‘ASTORS’ Award-Winning Peers and Receive the Recognition You Deserve!

Excellence in Public Safety and Government Security Award Nominations are also encouraged, such as those 2019 Honored Winners which includes the DEAU.S. Marine CorpsDHS S&TFederal Protective ServiceDHS S&T NUSTLU.S. Marshals ServiceU.S. Border PatrolThe Port Authority of NY/NJ, and the NYS Division of Homeland Security & Emergency Services.

Individuals are also encouraged to be nominated for Government Excellence in Public Safety and Homeland Security such as last years widely respected recipients.

Why American Security Today?

The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.

The traditional security marketplace has long been covered by a host of publications putting forward the old school basics to what is Today – a fast changing security landscape.

American Security Today is uniquely focused on the broader Homeland Security & Public Safety marketplace with over 75,000 readers at the Federal, State and local levels of government as well as firms allied to government.

American Security Today brings forward a fresh compelling look and read with our customized digital publications that hold readers eyes throughout the story with cutting edge editorial that provides solutions to their challenges.

Harness the Power of the Web – with our 100% Mobile Friendly Publications

AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.
AST puts forward the Largest and Most Qualified Circulation in Government with Over 75,000 readers on the Federal, State and Local levels.

The AST Digital Publications is distributed to over 75,000 qualified government and homeland security professionals in federal, state and local levels.

‘PROTECTING OUR NATION, ONE CITY AT A TIME’

AST Reaches both Private & Public Experts, essential to meeting these new challenges.

Today’s new generation of public safety and security experts need real-time knowledge to deal with domestic and international terrorism, lone wolf attacks, unprecedented urban violence, shifts in society, culture and media bias – making it increasingly difficult for Homeland Security, Law Enforcement, First Responders, Military and Private Security Professionals to implement coordinated security measures to ensure national security and improve public safety.

American Security Today

These experts are from Government at the federal, state and local level as well as from private firms allied to government.

AST provides a full plate of topics in our AST Monthly Magazine Editions, AST Website and AST Daily News Alerts, covering 23 Vital Sectors such as Access Control, Perimeter Protection, Video Surveillance/Analytics, Airport Security, Border Security, CBRNE Detection, Border Security, Ports, Cybersecurity, Networking Security, Encryption, Law Enforcement, First Responders, Campus Security, Security Services, Corporate Facilities, and Emergency Response among others.

AST has Expanded readership into integral Critical Infrastructure audiences such as Protection of Nuclear Facilities, Water Plants & Dams, Bridges & Tunnels, and other potential targets of terrorism.

Other areas of concern include Transportation Hubs, Public Assemblies, Government Facilities, Sporting & Concert Stadiums, our Nation’s Schools & Universities, and Commercial Business Destinations – all enticing targets due to the large number of persons and resources clustered together.

To learn more about the 2019 ‘ASTORS’ Homeland Security Award Winners solutions, please go to the 2019 ‘ASTORS’ Championship Edition Fully Interactive Magazine – the Best Products of 2019 ‘A Year in Review’.

The ‘ASTORS’ Champion Edition is published annually and includes a review of the ‘ASTORS’ Award Winning products and programs, highlighting key details on many of the winning firms products and services, includes video interviews and more.

It is your Go-To source throughout the year for ‘The Best of 2019 Products and Services‘ endorsed by American Security Today, and can satisfy your agency’s and organization’s most pressing Homeland Security and Public Safety needs.

From Physical Security (Access Control, Critical Infrastructure, Perimeter Protection and Video Surveillance Cameras and Video Management Systems), to IT Security (Cybersecurity, Encryption, Data Storage, Anti-Malware and Networking Security – Just to name a few), the 2019 ‘ASTORS’ CHAMPIONS EDITION will have what you need to Detect, Delay, Respond to, and Mitgate today’s real-time threats in our constantly evolving security landscape.

It also includes featured guest editorial pieces from some of the security industry’s most respected leaders, and recognized firms in the 2019 ‘ASTORS’ Awards Program.

SolarWinds products give organizations worldwide—regardless of type, size, or complexity—the power to monitor and manage their IT services, infrastructures, and applications; whether on-premises, in the cloud, or via hybrid models.

SolarWinds continuously engages with technology professionals—IT service and operations professionals, DevOps professionals, and managed services providers (MSPs)—to understand the challenges they face in maintaining high-performing and highly available IT infrastructures and applications.

solarwinds logo

SolarWinds’ focus on the user and commitment to excellence in end-to-end hybrid IT management has established the company as a worldwide leader in solutions for network and IT service management, application performance, and managed services.

Targeted for MSPs, the SolarWinds MSP product portfolio delivers broad, scalable IT service management solutions that integrate layered security, collective intelligence, and smart automation.

To Learn More please visit https://www.solarwinds.com/.

To learn about advertising opportunities with American Security Today, please contact Michael Madsen, AST Publisher at mmadsen@americansecuritytoday.com.

AST strives to meet a 3 STAR trustworthiness rating, based on the following criteria:

  • Provides named sources
  • Reported by more than one notable outlet
  • Includes supporting video, direct statements, or photos

Subscribe to the AST Daily News Alert Here.

Learn More…

SolarWinds Access Rights Manager Competes in 2020 ‘ASTORS’ Awards