Security
Partners in cybersecurity
How CDW•G and Cisco help secure federal IT
As the digital threat landscape continues to evolve, the federal government sits squarely in the crosshairs, a target for both nation- states and criminal actors intent
on stealing secrets and compromising systems. At the same time, the rise
of cloud computing and a highly mobile workforce have created new vulnerabilities.
Here we’ll explore that changing threat landscape, describe an emerging approach to cybersecurity, and look at how CDW•G in partnership with Cisco can help federal agencies address critical gaps in their defenses.
Emerging threats
The stakes are high in federal cybersecurity. While data theft in
the private sector may erode client confidence, the implications of a breach within the public sector can have even greater consequences. Nation-state actors are known to routinely attack our country’s IT infrastructure, aiming to steal critical secrets, compromise intellectual property and even destabilize the country.
With the evolution of government
IT expanding beyond the bounds of conventional networks, the threat landscape has broadened dramatically. The rise of cloud computing and
mobile work modalities have opened upmultiplenewavenuesforpotential attack. In the past, agencies could defend an IT perimeter, locking down a single
point of network accessibility. We’re now in an era of user-centric attacks, in which every laptop, phone and external network connection represents a point of potential vulnerability.
Such attacks may seek to target user credentials as a way to compromise the larger system: The stolen credentials allow the bad actor to bypass the majority of legacy, perimeter-based cybersecurity controls. While traditional firewalls still play a vital role in the overall security architecture, they are no longer a sufficient safeguard. To keep pace with the evolving threat landscape, new cybersecurity approaches are necessary to ensure greater protection.
New thinking on security
The emerging model for cybersecurity in private industry and, increasingly, within the federal space goes beyond the old strategy of mere perimeter defense. Today’s security model emphasizes network visibility, leveraging a range
of modern tools to react to threats in real time and even to anticipate and prevent incursions. At the same time, agencies are rethinking their strategies to focus on protecting specific assets and endpoints, rather than defending a single ingress/egress point.
A few core concepts in the new cyber model include Zero Trust and Adaptive Security.
• ZeroTrustisnotadeviceor application per se but rather an approach for cybersecurity. The premise
is that one should impose strict access controls by default and not trust anyone, even a user already within the network perimeter.
• Adaptive Security refers to a range of capabilities typically powered by Artificial Intelligence and Machine Learning. The approach leverages network visibility to scrutinize behaviors within the network, flagging and even preemptively thwarting activities that seem threatening or even merely outside the norm.
For example, suppose a known user logs on at 3 a.m. from a country hostile to the US. Today’s defensive tools will recognize that this user doesn’t typically work at that hour or in that place. Likewise, if an employee’s credentials are used to attempt a half-dozen logins in 10 minutes from multiple locations, the security apparatus will identify and most often squelch that suspect attempt.
This preemptive approach is supported by Security Information
and Event Management (SIEM) tools, which correlate huge amounts of data from sensors all over the network. By converting this enormous body of data into actionable information, SIEM tools help guide an organization’s response to cyber activities.
Additional levels of protection can then be invoked to stop malware from spreading. Adaptive security includes, forexample,processeslikemicro- segmentation – effectively sending suspect network traffic into a kind of
SPONSORED BY: