Page 12 - CARAHSOFT_August/September

Staying ahead of the cyberthreat curve
Outwitting attackers hinges on pinpointing vulnerabilities and building strategic partnerships
Bill Rucker
President, Trustwave Government Solutions
budget plans in terms of cybersecurity priorities and put the right tools, people and processes in place.
Strengthening the weakest link
Successful security policies are custom-fit to an organization’s needs, potential risks and budget, and they address the weakest link — the end user. Trustwave’s recent Global Security Report found that social engineering is now the top method of compromise. Such tactics are relatively low-effort yet highly effective ways for attackers to gain access to a system. Agencies can quickly identify and close security gaps introduced by users, such as weak or reused passwords and the tendency to click on suspicious links, through penetration testing and red-teaming capabilities.
Agencies must also incorporate continuous security training programs and best practices for employees into their overall security and contingency plans.
In addition, agencies must have a level of control over and knowledge about where critical data exists within their networks, where it goes and who has access to it. Any data on endpoints and servers is at risk when a network is compromised, but protecting such high-value assets can be as simple and straightforward as creating watchlists or blocklists that establish rules to keep specific files from being exfiltrated, accessed, moved or downloaded to an external device.
Partnerships to drive security maturity
Because the threat landscape is rapidly evolving and attacks are growing in
are under constant attack by
adversaries who have the skills and resources to gain access. If an agency is targeted, it’s no longer a question of whether but when a serious security incident will take place.
Not only should agencies be leveraging the latest endpoint detection and response technologies, they should also be seeking support from high-level security experts who have intimate knowledge of how attackers bypass perimeter defenses and move through networks undetected — and how to stop them. Fortunately, threat hunting is continuing to gain momentum. A threat hunt involves leveraging behavioral analytics, threat intelligence and in-house research to proactively identify threats, isolate malicious behavior and mitigate breaches before catastrophic damage occurs.
However, agencies cannot move forward from a security maturity standpoint without the proper resources, which is where the Department of Homeland Security’s Continuous Diagnostics and Mitigation program plays a vital role. CDM gives civilian agencies the ability to look at their