GovLoop

“We Have to Shift Towards Resiliency”: Cybersecurity Trends for the Federal Government

2014 may as well have been called the Year of the Hackers. Massive security breaches at both private and public sector organizations — everyone from Target to – the U.S. Postal service — shattered citizens’ expectations about the state of their personal information and data.

But the view of cybersecurity may finally be changing for the better, said Tom Conway. Director, Federal Business Development at FireEye, a leader in cyber security and malware protection. We sat down with Conway to discuss 2015 cybersecurity trends, where agencies will have to shift their focuses to, and how organizations can prevent insider threats.

Though 2014 was such a dire year in cybersecurity and in hacks, Conway has a unique take on it — those breaches may have finally increased awareness about the issue and is causing organizations to tackle cybersecurity with a seriousness they haven’t before.

“I think people are finally realizing that this problem is not going away,” Conway explained. “So they’re really shifting their thinking more along the lines of resiliency. Before, I would say there was somewhat, not just in government, but in industry at large, a little bit of a naiveté, a thinking that we can just throw some money at technology and smart people, and the problem will go away. I think organizations realize it’s an issue that’s here to stay, so we have to shift towards resiliency so that we can continue to deliver on our mission, despite an ever-increasing cyberthreat.”

Now that agencies and organizations are taking cyberattacks seriously, Conway explained that to prevent further breaches, there are four necessary areas to focus on.

“Number one,” Conway said, “agencies have to focus on their protection. Number two? Detection. When they do have a challenge, they need to detect it as quickly as possible. Then, the third step is they need to shift very quickly to containment. When they’ve detected it, they need to contain it to make sure it doesn’t spread too wide within their enterprise. Then there’s the final step: restoration. If an attack takes your entire agency down, it’s a huge challenge, not only to the mission, but also to recovery.”

So if your agency is properly focusing on cybersecurity, and following these four areas to protect data, how do they know if they are succeeding? How do you know if you’ve created a secure system?

“I think an area that the government should seriously look at is something we call compromise assessment,” advised Conway. “This is where you bring in a third party to actually see if someone is already inside your network that you don’t know about. If you don’t know they’re there, you don’t know they’re there. You need to bring someone with a fresh set a eyes who is up to speed on what the latest adversary I tools, techniques and procedures, are, to look for artifacts that maybe someone is in your network. You need to continuously test yourself and exercise yourself to see if you’ve been compromised.”

But faced with tight budgets and even tighter resources, how can the federal government effectively deal with cybersecurity and make sure they’re preventing and detecting breaches? Conway said the answer is agility in acquisition.

“If you look at the security budget, it continues to go up,” said Conway. “However, what we see a lot is that a lot of that money is being spent to sustain legacy environments. And I think that’s really a drain. The adversary, yes, does take advantage of legacy environments, but they’re also looking to take advantage of new things like cloud and mobile and virtualization. So, I think the government needs to realize they need to become much more flexible and agile in their budgeting in acquisition processes, to stay up with a threat, let alone stay ahead of the threat.”

“We know the federal government is fighting fires,” Conway added. “It’s being covered in the press continuously. Our job at FireEye is to really understand and help them get to a better place, so cybersecurity and subsequent breaches aren’t such a big issue. It may take a number of years to do so, but we all need to be thinking about that better place.”

 

Exit mobile version