Page 6 - FCW, January/February 2020

Pentagon Under Siege
Advanced tech helps DoD repel cyberattacks.
In the past year, the Defense Department started new programs to improve cybersecurity. Automated Continuous Endpoint Monitoring (ACEM) is a strategy for identifying, monitoring and managing network devices. Comply-to-Connect (C2C) is a network access control architecture designed to increase cybersecurity efficiency across the Department. It helps agencies control and verify user identity, prevent and control malicious activities, limit access to resources based on policy and authorization, focus on continuous monitoring and visibility, and automate the response to breaches and remediation of vulnerabilities.
The Defense Department prevents 36 million emails containing malware, viruses and phishing schemes from reaching their intended targets every day, yet new cyberthreats and techniques continue to emerge. In 2019, cybersecurity professionals encountered new variants of ransomware and malware, more endpoint attacks via the cloud, more sophisticated phishing attacks, a greater number of third-party and supply chain attacks, and an uptick in attacks against artificial intelligence and machine learning-based systems.
One way to improve the security of the network architecture is through proper segmentation. Implementing a next-generation firewall (NGFW), for example, allows for containerized zones, perimeter guards, application-aware deep packet inspection, intrusion prevention and detection, and VPN concentration, along with the ability to enforce traffic policy and performance.
Despite these continued threats, there are steps Defense agencies can take to improve network security. Among the most important is to develop a secure network architecture that separates production and management traffic. Focusing and finding ways to reduce the time it takes to expose a security incident also improves security. By implementing modern cybersecurity technologies, agencies can help ensure a unified, effective, compliant network ecosystem.
It all comes down to creating a fully secure architecture.
“It is all about controlling communications between your network systems,” Balthaser says. “Implementing interior NGFW solutions allows you to control the way your internal systems are permitted to communicate. Restricting system communication in a deny-by-default, permit-by-exception method and only the communication necessary for operations greatly reduces attack surface. Systems that have no reason to communicate with each other should never be permitted to do so. NGFW interior implementations extend capability for inspecting communications, restricting unnecessary traffic, and reduce potential paths for exploitation.”
A Department of Defense Office of Inspector General report found that many Defense agencies have not yet put in place required functions, especially in the areas of continuous monitoring, governance, identity management and access controls, asset management, and information protection processes and procedures.
To create that secure architecture, Defense agencies are working to create protections for service provisioning elements – such as web, email servers and Microsoft Office application servers – and protecting the security management systems that maintain agency systems. It’s also about segmenting, creating interior boundaries and interior perimeter checkpoints that users must cross to access resources and services.
Ensuring a secure architecture also requires out-of-band management and security management capabilities. Out-
“It’s not about just hardening your outer perimeter shell. It’s also about making sure that everything inside your network boundaries is protected,” says Scott Balthaser, a cybersecurity risk management framework architect at CDW·G.
Meeting and exceeding cybersecurity requirements