This interview is an excerpt from our recent guide, The Future of Cybersecurity, which examines 15 trends transforming the way government safeguards information and technology.
In the wake of a several high-profile data breaches, government agencies at every level have been scrambling to shore up cyber defenses. Looking for ways to better defend their data and users, the public sector is turning to cybersecurity experts at companies like Symantec for solutions. GovLoop sat down with Symantec’s Ken Durbin to discuss the cybersecurity trends his organization is seeing in the public sector and the tools government agencies can use to modernize their cybersecurity platforms.
According to Durbin, government agencies must defend against both external and internal threats to adequately protect their data.
Addressing The External Threat
To help minimize the external threat, government agencies are looking to enforce two-factor authentication and meet the standards set by the DHS’s Continuous Diagnostics and Mitigation (CDM) program. Durbin explained, “CDM was designed to make sure that federal executive branch agencies all have a common level of cyber protection.”
Before CDM, the level of cyber maturity varied greatly between agencies. “Some people had a really good handle on where all their assets were located, while other people did not,” Durbin said. To level the security playing field, the federal government had to go back to the basics. CDM’s first phase, which involves locating hardware and software assets, verifying configurations and identifying known vulnerabilities, is currently underway.
“A lot of successful attacks today are launched against vulnerabilities that we’ve known about for years,” Durbin explained. Applying the simple steps in CDM’s first phase would significantly reduce the number of successful cyber attacks against the government. “Symantec has solutions that will help an agency identify all of their assets, and scan them to make sure they’re configured properly and deploy patches, if needed,” he said.
Another big cyber trend for government? As Durbin shared, “Identity management and user authentication are getting a lot of attention. People are taking a hard look at who should really have privileges to what, and eliminating privileges that don’t make sense. For those people who are supposed to have privileges, they’re looking to enforce two-factor authentication to make sure an individual really is who they say they are,” Durbin said.
Using Norton Secure Login (NSL), Validation and ID Protection (VIP) and Symantec Identity Access Manager (single-sign on technology), Symantec can help modernize the public sector’s user authentication capabilities. “We’re on a movement to eliminate the password,” he said.
The Human Side of Security
Government organizations now recognize that malicious and inadvertent insider threats are significant risks to their data. Because they are effective at limiting the severity of a breach, agencies are looking at data loss prevention technologies like Symantec’s Data Loss Prevention (DLP) and Data Insight (DI) to mitigate insider threats. These technologies can quickly detect inappropriate access or movement of data, stopping data breaches before they can take their toll.
“The next step in the evolution of Cybersecurity is what we refer to as Unified Security. Our Advanced Threat Protection (ATP) solutions will allow our customers to take advantage of Unified Security,” Durbin said.
So what is Unified Security? Today, network, endpoint and gateway security tools work independently of each other. “Imagine if those tools were aware of each other and could work together…a network security sensor would detect a threat, and check with the endpoint protection sensor to see if they’ve seen that threat, and if they did, determine if it had already mitigated it. If the endpoint already mitigated the threat, then there’s no need to spend time and resources chasing the threat down” Durbin explained.
Despite advancing technology, Durbin stressed that effective cybersecurity boils down to preparation. “Unfortunately, we see a lot more interest in our [cybersecurity] solutions post breach…it’s almost like locking the barn after the cows have been set free, but it’s still essential to prevent another attack,” Durbin said. “We’re working very hard to have those conversations with our customers pre-breach instead of post.”
Symantec also helps government agencies recruit and develop “cyber warriors”. Using the safe environment provided by Symantec’s Cybersecurity Simulation program, IT applicants and staff can run through attack scenarios, bolster their skills and identify weaknesses, all online, and self-paced.
Symantec is providing government agencies at all levels with the tools they need to secure their data. With modern technology and more qualified personnel, the public sector stands a much greater chance at preventing another major data breach.