Sponsored Report
CYBERTHREAT RESPONSE Rapid Response
Despite making progress, states and municipalities need better incident response capabilities.
It should come as no surprise that cybersecurity is the top priority
of state CIOs around the country, and has been for the past several years. The National Association of State Chief Information Officers (NASCIO) recently reported this finding, which underscores the continued concern state and
local governments have about the increase in cyber-attacks. These threats can and do affect the privacy and security of confidential data,
as well as business continuity of government agencies.
And the threats continue to spiral out of control. According to an October, 2015 report from Ponemon Institute, state and local government agencies experience data breaches approximately every twelve weeks. The threats are growing more sophisticated as well. Hackers no longer rely solely on tried-and-true methods like packet sniffing and password code cracking. They’ve added more complex threat signatures, such as cross-site scripting, distributed attacks, staging and advanced scanning.
The Ponemon Institute report found that on average, federal agencies are better prepared to handle cyber-threats than state and local governments. More federal agencies have incorporated modern technology and processes like behavioral analytics, next- generation firewalls, big data solutions and intelligence sharing.
Some states, however, have made significant progress. They’re
Other Incident Response Articles Include:
• When it comes to Incident Response, Preparation is Key
• Choosing the Service Approach to Incident Response
• A Multi-Pronged Approach to Preventing Cyber-Attacks
• Fighting Cyber-Crime Requires More Than Just Tools
Go to GCN.COM/2016INCIDENTRESPONSE
an important model for other state and local governments. California is one of the most mature with
a cybersecurity task force, the California Cybersecurity Integration Center, and the Cyber Incident Response Team. California also has a well-developed, comprehensive incident response plan.
Still More to Do
Despite pockets of progress, state and local governments still have
a long way to go. In the area of incident response, for example, only 38 percent of state and local government organizations are confident they could contain a cyber-attack. That’s in contrast
to 52 percent of federal agencies, according to the Ponemon Institute study.
Effective incident response requires greater visibility and faster response than most state and local governments can currently manage. It also requires integrated state-of- the-art tools and capabilities.
Integration is also critical
to achieving visibility and
faster response. It requires incorporating functions like analytics and visualization, along with intelligent packet capture and retrieval. Using an integrated set of tools and functions, agencies can better understand how long the organization has been under attack, how the attacker entered the network, and the extent of the damage.
Using this strategy, Maricopa County in Arizona helped
secure the data for its nearly 60 departments, while maintaining compliance with a host of federal and industry regulations. Using
a combination of FireEye’s
Email Threat Prevention (EX
Series) platform, Network Threat Prevention, Host Prevention and Central Management platforms, the county was able to more effectively identify, manage and respond
to threats in real-time in a fully automated fashion. •