This post is an excerpt from GovLoop’s recent industry perspective.
Splunk helps dozens of agencies combat cyberthreats. Here’s how the Nevada Department of Transportation (NDOT) uses it.
Since 1917, NDOT has maintained, planned, constructed and operated the state’s highway system. Located in Carson City, the division employs more than 2,000 professionals and is responsible for more than 5,400 miles of highway and more than 1,000 bridges. Additionally, NDOT administers the state’s 511 system, which enables citizens to report and access information on delays, road closures and construction. NDOT also runs a statewide camera system that gives real-time feeds so people can check traffic levels prior to traveling.
Tasked with such an important mission, the department has huge amounts of critical data that it must protect. When an NDOT security official recently became worried the data was not properly protected, the department began to take preventive steps.
First, the division audited its system by attempting to hack into its own data to obtain documents. This allowed officials to assess network vulnerabilities and security gaps. Once they got in, they found that reconstructing how the attack occurred was a very tedious process. The team had to sift through system logs, relying on a manual, error-prone process. They realized they would lose precious time should a real cyberattack occur and that they needed an automated system to better combat attacks.
NDOT turned to the Splunk platform to aggregate data from disparate sources across the network’s infrastructure. The team downloaded Splunk Enterprise for a trial and built two Splunk dashboards to present log data. The first dashboard captures logs from the department’s web and File Transfer Protocol services, tracking cyber incidents. The second dashboard collects data from servers, switches, routers and firewalls throughout the network, informing managers about abnormal events such as crashes, timeouts and errors.
With this new system, NDOT immediately gained visibility into its network. Splunk automated the laborious tasks, saving NDOT time and resources.