Page 13 - GCN, Jan/Feb 2016
SPECIAL REPORT CYBERSECURITY SOLUTIONS AND STRATEGIES
Sponsored Content
inside your network (whether by accident or on purpose), that’s the starting point, not the finish line. You shouldn’t break the bank on this first step, Hammersla warns. Most organizations spend up to 80 percent of their security budget on securing the perimeter. However, they often shortchange technologies that can help when something unexpected happens, which is where the Detect and Decide aspects of an effective cybersecurity strategy become necessary.
Detect: The object of this step is to find ways to swiftly detect threats that get through or around traditional defenses. Using technology that offers end-to-end visibility across the organization combined with the ability to cut through the noise to identify the right contextual information is the key. Such technology should be able to not only detect adverse activity, but also offer a full profile of the attack, including determining who sent it, who opened it, what damage was done and where the attack originated.
Decide: Once a threat is detected, the next step is to understand the potential impact and course of action to minimize damage. All too often, organizations do this step manually by poring over an avalanche of alerts, digging through user logs, and making phone calls. Automating the routine elements of the process through analytics tools and algorithms that ask pertinent questions makes deciding what action to take faster and, often, more accurate.
Mobility is Critical
According to a survey of federal, state and government users by the 1105 Government Information Group, more than 40 percent of agency employees use mobile devices for work. Most agree government employees can’t do their jobs effectively without using mobile devices. Examples include:
First responders: Apps provide everything from location information to instant access to traffic conditions, criminal records and weather conditions.
Case workers: Access to customers’ records and the ability to immediately enter notes reduces paperwork.
Law enforcement: Apps provide geocoded crime data to help officers locate crimes faster.
Field workers: Apps help field workers collect data and report it to the central office, eliminating unnecessary and expensive travel.
Mobile employees and teleworkers: Workers can access important applications in the areas of HR, logistics and enterprise apps no matter what device they are using or where they’re located.
Despite Rocky Start, Cloud is here to Stay
The driving forces behind cloud adoption throughout government agencies are reliability and uptime. Depending on security requirements, there are many choices of available cloud configurations. Here are some innovative ways the cloud is being used in state and local government:
Citizen services: Many states and local governments have moved everything from permits and project reviews to construction inspections online, which helps citizens submit applications and access information 24 hours a day.
Law enforcement: Some police forces now store body-cam and other footage in the cloud.
Emergency response: Some states are moving toward cloud-based 911 systems, as well as data sharing for emergency response agencies.
Communications: Cloud-based videoconferencing has many uses, including meetings, trials and inmate visits.
Defeat: This final step draws upon the information and insights gleaned from the prior stages. Each threat is different, requiring a different combination of technologies and processes to eliminate it. Ultimately, the goal is to identify malicious activity as soon as possible and pinpoint the specific actions to take to eradicate threats from the environment as quickly as possible. This period from compromise through remediation is often referred to as “dwell time.” Minimizing it is the key to reducing the risk of theft or damage.
Throughout this process, agencies can defeat cyber-threats more rapidly and efficiently, before they become significant problems. Hammersla explains, “If you approach cyber-threats this way, you have essentially shifted the burden of cost and complexity to the hacker,” he says. “By doing that, you can deter them and incent them to go somewhere else when it becomes too expensive and not fruitful enough to attack your organization.”
forcepoint.com