The following blog post is an excerpt from a recent GovLoop guide: Your Cybersecurity Crash Course. We solicited the GovLoop community to learn their top cyber challenges. In the report, we answer 12 of their most pressing cyber questions.
In today’s technologically inundated world, cybersecurity is an issue that affects public and private sectors alike. GovLoop recently had the opportunity to speak with Rob Roy, the federal chief technology officer at HP Enterprise Security Products on these issues. Roy provided valuable insights on the most pressing cyberthreats, the best security practices for both IT and non-IT professionals, and ways in which HP is helping the public sector.
When highlighting today’s major cybersecurity threats, Roy took a holistic, macro-level approach. He mentioned that agencies face both external and internal threats when it comes to protecting information networks. On the one hand, organizations are faced with advanced persistent threats from hackers, nation states and other malicious actors on a near-daily basis. However, it’s not enough to protect critical agency data from outside threats alone. Roy says the challenges presented by insider threats and other individuals looking to expose sensitive organizational data must be met with equal vigilance.
According to Roy, insider threats are not necessarily malicious. He acknowledged that federal agencies are also vulnerable to accidental information breaches, which can be avoided with greater security training and threat intelligence.
In terms of best practices, Roy emphasized the importance of limited access. “Everything runs on software, and it is designed to allow people to access the network,” Roy said. “The key is that it has to ensure that access is limited to only those who have permission. Organizations need to look at the software layer, from acquisition to development and production, assuring the software supply chain from intentional and unintentional vulnerabilities.”
Roy also cited the importance of deploying continuous monitoring solutions. One such example is HP’s work with the Department of Homeland Security and its Continuous Diagnostics and Mitigation (CDM) program. The program is a government-wide purchase agreement that can be used by any local, state or federal government agency to procure a wide array of continuous monitoring services and tools intended to improve the cybersecurity posture of the government. Through the CDM program, HP helps DHS provide government organizations and employees with tools designed to identify risks on a continuous basis.
But HP did not just stop at the development, production and sale of the CDM program. The company broke down the entire concept of CDM and began training federal employees through marketing actions and individual HP sales personnel. HP hosts weekly trainings not only on HP technologies but also on valuable information such as developing secure software applications. As part of this more proactive approach to the cybersecurity challenge, HP is able to get the necessary information out to the public in an easily consumable manner.
“CDM consists of 15 discrete but highly powerful security control areas, and we broke that down into four main areas that all 15 controls fit into,” Roy explained. “There is configuration management, understanding what you have to protect, vulnerability management, understanding where the risks are, access management, which includes who has access and how do we control what they access, and finally event management, which includes how we discover when we are being attacked and how to we respond effectively.”
HP also helps public sector agencies remain secure in a numbers of other ways. HP Security Research (HPSR) is a global, independent security research group that delivers security intelligence and vulnerability research to its customers. HPSR assists HP’s government customers in managing their data responsibly and securely. As part of its new developments, HP’s data security and cryptography vendor Atalla is now offering cloud encryption that combines patented, key-based encryption technology that increases security through measures such as protecting keys when they are in use in the cloud. HP intends to converge its different security ideas and technologies in order for people to help each other tackle cybersecurity threats.
So, how do we balance cybersecurity practices with innovation? “In general, innovation introduces risk, but it should not prevent us from innovating,” Roy said. “For balancing the risk, look at the software and the network; see if a piece of hardware is coming from a legitimate original equipment manufacturer; and look at the supply chain for the innovation and whether or not it has the supply chain risk management assurances built in.”
Despite the growing number of IT threats, technological innovation can proceed in a secure manner. By taking a proactive approach to cybersecurity initiatives, organizations can stay one step ahead of attackers, and protect the confidential data they store and manage.
To learn more about cybersecurity, be sure to check out the report: Your Cybersecurity Crash Course