The following blog post is an excerpt from a recent GovLoop guide: Your Cybersecurity Crash Course. We solicited the GovLoop community to learn their top cyber challenges and, in the report, we answer 12 of their most pressing cyber questions.
Cybersecurity professionals are being challenged like never before. They are operating in a rapidly evolving cyber landscape, which requires them to think about new ways to protect, defend and mitigate the impacts of an attack. By taking a new approach to cybersecurity, your agency can build on your existing security infrastructure and tools to implement cost-effective security against today’s dynamic threats.
“One cyber challenge is information overload. There is so much information coming in from different alerts, externally from their customers, from security information services about their tools and their environments, it’s just an avalanche of information and difficult to navigate, ” said Jean-Paul Bergeaux, chief technology officer at SwishData Corporation.
Bergeaux is alluding to the challenge of tool sprawl with cyber solutions. Often, government agencies already have many cyber tools deployed, but the solutions have overlapping functions and are not integrated in a way to maximize cyber defense.
That’s the problem that SwishData is helping to solve. As a government focused systems integration and data engineering company, SwishData is helping agencies to consolidate and integrate their cyber technologies, eliminate tool sprawl and enable centralized security management across the enterprise. This helps lower the total costs, both operational (OPEX) and capital (CAPEX), of cyber solutions, and allows agencies to develop a more robust cyber defense. Since agencies are able to lower their costs, they can invest in advance cyber solutions like behavioral analytics and anomaly detection.
To start consolidating solutions, organizations must focus on facilitating proper communications between stakeholders. “Often the hardest thing for a lot of agencies to do is to get the right people in the room. This includes employees who are not just cyber security experts, but also project managers and data owners. By bringing everyone to the table an organization can have a cybersecurity summit inside the organization. This will help identify priorities of what needs to be secured and how,” said Bergeaux. This is an imperative step for organizations to take and can help them identify the right kinds of solutions to be deployed.
SwishData provides four basic steps to help organizations streamline cyber solutions.
- Decide Goals: Agencies should determine and prioritize what needs to be protected, and how.
- Evaluate Environment: Before tools can be selected, agencies must know the products and assess current capabilities. This will help identify untapped features and understand what cumbersome solutions can be replaced.
- Establish Strategy: It is essential that your agency is able to prioritize investments based on their cost-effectiveness to meet mission requirements and security goals.
- Achieve Goals: Consolidating cyber solutions will help achieve your goals, and will provide better situational awareness.
As cyber tools become integrated, organizations will then be able to access and share data across tools such as firewalls, IPS, network access controllers, which can be used to improve situational awareness. With this kind of data available, organizations can work towards building a dashboard. With the goal of continuous monitoring, agencies will be able to link all their solutions together and gain a holistic view of the health of an agencies cyber defense. SwishData has made great strides in being a value added re-seller for the cyber market. Their intent is to be a true solutions provider. “There are actually a lot of companies that bring total solutions such as Virtual Desktop Infrastructure (VDI), FDDCI, disaster recovery and backup, and they bring all that together to bring solutions from A to Z, but on the cyber side there aren’t really a whole lot of companies that can do that, and that is a huge gap where we have focused,” said Bergeaux.
Ultimately, the goal of SwishData is to help find ways to cut the CAPEX and OPEX costs. “We help agencies find ways to improve while you save money, which opens up more funds to further secure your environment. It’s about a long view rather than a short view,” said Bergeaux. He believes that having a long view is imperative for an agency. “Cyber teams have been underfunded and under the gun, just trying to survive responding to crisis’s until recent events allowed them to get enough visibility for more reasonable funding.” By creating a multi-year plan, organizations can see the financial impact over the next twelve to eighteen months, and can focus on integrating automation tools, helping to cut costs.
In today’s world, it is crucial for organizations to protect their data and information networks. Learning the right way to automate and integrate systems is imperative to the realization of this goal. Although there will be challenges to automating cybersecurity initiatives, it is an essential part of improve an agencies overall security, and keeping information secure.
To learn more about cybersecurity, be sure to check out the report: Your Cybersecurity Crash Course