Page 24 - GCN, May 2016

SPONSORED CONTENT

SECURING THE ENTERPRISE

SECURING THE GOVERNMENT

Cyber threats are on the rise, so government agencies must prepare and defend.

KEVIN DAVIS, VICE PRESIDENT OF PUBLIC SECTOR, SPLUNK

U.S. government organizations are prime targets for advanced cyber threats. Over the past two years, attackers have targeted agencies across the federal landscape—civilian, defense and intelligence. Some attacks left a bigger mark than others; namely the high-profile breaches against the Office of Personnel Management.

The attention cybersecurity incidents are gaining is causing government CIOs and agency leaders to reexamine their security practices. Tony Scott’s “cybersecurity sprint” last summer jump-started the discussions, but the strategic evaluation of how agencies approach and manage cybersecurity is ongoing.

The first piece of this is to understand the reality of the current government environment. The threat landscape is more complex than ever. Not only are there more external threats from determined and sophisticated attackers, but the challenge of insider threats is also rising.

The Office of Management and Budget just released its annual Federal Information Security Modernization Act (FISMA) report. There was a 10 percent increase in cybersecurity incidents from 2014 to 2015. So while federal leaders are undoubtedly paying more attention to security, the number of security incidents continues to climb.

The greatest obstacle agencies face is that their IT systems and applications are still siloed. There is limited collaboration and communication between the teams managing these assets. Ultimately, what security teams and CIOs need most is enhanced visibility into what’s happening across systems and networks. Analysts need the analytics capabilities to provide valuable, real-time intelligence where it’s required.

To achieve an effective analytics-driven approach to security, agencies must understand that all data is security relevant. Leveraging the power of machine data analysis, which includes records of activities and behaviors involving users, transactions, applications, servers, networks and devices, is a comprehensive approach to this challenge.

Viewing information as individual, siloed data sets may not provide much value, but bringing that data together to provide an enterprise-level picture is extremely valuable for decision makers.

Embracing a machine-data, analytics-driven approach doesn’t just help with security. It also enhances agencies’ abilities to address IT operational challenges and improve citizen services delivery. If a system or process isn’t performing well, it’s imperative to identify the issue and take steps to ensure the problem is solved. Not only is this important from an efficiency and operational perspective, but it also affects security.

IT modernization is critical to addressing cybersecurity. Many of the vulnerabilities government agencies face today are the result of outdated, legacy technology. This is undoubtedly a big reason why the administration included a $3.1 billion IT modernization fund in the budget proposal submitted to Congress in February. That’s on top of the $19 billion that was budgeted specifically to address cybersecurity.

The government’s Continuous Diagnostics and Mitigation (CDM) program is a promising initiative for improving the overall government cybersecurity posture. CDM will deliver comprehensive risk and security management capabilities to agencies through a diverse set of solutions, helping agencies achieve comprehensive, single-pane-of-glass visibility across their environment. With that enterprise capability, CIOs and security teams can gather real-time insights to quickly and effectively respond to potential threats. This will help reduce the risks for agencies and departments.

New cyber threats emerge every day. Malicious actors will continue to seek out vulnerabilities to infiltrate agency networks and access sensitive information. As these threats evolve, government agencies, in collaboration with industry, must continuously seek to enhance and adapt their cybersecurity measures to combat adversaries.

Kevin Davis is Vice President of Public Sector, Splunk.