GovLoop

Proactively Detect and Prevent Security Threats

Government agencies are ripe targets for cyberattacks, which are only evolving and getting worse over time. Adding to that challenge is the increase in remote work, with human error being the main cause of security breaches.

The biggest threat factor for data breaches is phishing. Cyberattacks often occur because someone made the decision to click on a bad link, or upload or download software they shouldn’t have, said G. Nagesh Rao, Acting Chief Information Officer (CIO) in the Bureau of Industry and Security at the Commerce Department. “And third party malicious actors are continually evolving trying to figure out how to poke the holes, and getting more and more sophisticated with their attacks.”

“IT security is important now more than ever…. There’s no room for failure when it come to people’s data and information,” Rao said.

Rao spoke alongside Matt Porco, Principle System Engineer at Citrix Public Sector, during GovLoop’s virtual summit on Wednesday.  They discussed using artificial intelligence (AI) and machine learning (ML)-driven analytics solutions to detect and prevent security threats.

Considering this current landscape, IT security teams are typically short-staffed and overworked trying to keep agencies secure, Porco said. Whether that’s continuously monitoring suspicious user behavior or wiping users’ devices and applying more stringent security policies when attacks occur, an analytics solution can autonomously take care of these actions. It can also help reduce the manual labor that’s involved in keeping systems secure.

“The level of sophistication of AI and ML goes far beyond what we can do as regular people,” Porco said. Applying ML across multi-cloud infrastructure can detect patterns of bad behavior and help predict future issues.

Solution: Analytics
What are analytics and how do they help?

User behavior analytics is an ML-enabled process that monitors users over time to learn what each user’s “normal” behavior is, and then continuously monitors users to detect any abnormal behavior that deviates from the model.

A good analytics system needs to be:

When attendees at this online training were asked if their agency uses continuous monitoring, 55% of poll respondents said yes.

“Continuous monitoring is important because it is a key part of any zero trust security strategy,” Porco said, and zero trust is the direction that governments are moving in terms of their IT security strategy.

An Analytics Solution at Work
Citrix Analytics for Security

Citrix Analytics for Security is an AI/ML-driven user behavior analytics system that detects and mitigates threats from internal users. It focuses on easily identifying high-risk users.

Users are given a risk score of 0-100 (no-risk to high-risk) based on information from the different data sources that are sent to the Citrix Analytics service.

Once threats are identified, the system can respond by initiating closed-looped autonomous actions, such as blocking users from using their workspace or applying stricter security at the login level. The actions taken and risk level can be determined by the agency.

Here’s how IT security teams can deal with these real-world examples using analytics:

Don’t miss out on other virtual learning opportunities. Pre-register for GovLoop’s remaining 2020 virtual summits today. 

This online training was brought to you by:

Exit mobile version