Tag Archives: cybersecurity

The Shared Responsibility of Cybersecurity

Posted on by

Every October, the cybersecurity community comes together to highlight how each of us plays a role in the security of not just our own online identities, but of cyberspace as a whole. This year, National Cyber Security Awareness Month, organized by the Department of Homeland Security, is celebrating its 15th anniversary. This month is a collaborative effort between government and industry to ensure every American has the resources they need to stay safer and more secure online while increasing the resiliency of the Nation during cyber-threats.

The theme for 2018 is "Cybersecurity is our shared responsibility, and we all must work together to improve our Nation's cybersecurity." This focus on responsibility, both individual and organizational, is critical for a population becoming more and more dependent on Internet connectivity. A recent study found that while government tends to have better cyber hygiene than most industry sectors, overall, we are not doing all we can to secure our networks and all of the devices that connect to them. Only 50 percent of respondents said they were running authenticated scans and were able to patch vulnerabilities within a week of detection. Almost half use dedicated workstations and networks for administrative activities, but over 40 percent do not use multifactor authentication or don't require unique passwords for each system. Continue reading

Biometrics is Finding its Identity in Government IT

Posted on by

Biometrics is the use of an individual's unique physical and behavioral characteristics, typically used for identification and access control. Fingerprinting, the oldest form of biometrics, can be used for much more than identifying criminals. Fingerprint sensors have long been in use to allow individuals to login to their laptops, control physical access to buildings, track attendance of employees, and much more. Today, the focus is on improving facial recognition both for access to systems and facilities and as part of national security practices.

Facial recognition holds promise for accurately identifying who should and should not be in a specific place - whether that is a physical location like a building or an airport, or a virtual one like a set of classified files. However, the technology is not as reliable as the market requires. The impact of false positives and missed identities are measurably bigger when you are talking about identifying someone on a terror watch list rather than simply being locked out of your cell phone. There is considerable work being done to close the gaps between the promise of facial recognition and the reality of today's technology.

In a world where we are conducting more and more business online, biometric identification seems like a no-brainer for increasing the security of accessing personal data. But there is a privacy concern. Using biometrics means that organizations have access to very personal credentials and a recent ruling showed that the FBI does not need to disclose what biometric data it has on citizens. Continue reading

Hybrid Technology: It’s Not Just for Cars, It’s in the Cloud

Posted on by

As cloud gains momentum as a platform for government IT, the one-size-fits-all solution is becoming obsolete. Government organizations require unique solutions to suit their specific needs, which is why understanding the cloud platform options is the first step to making the change to the cloud. Initially, there were public clouds hosted completely off government sites by a third party (like Google or Amazon Web Services). Then came private clouds, infrastructure and networks designed as a cloud but only available to a closed loop of individuals. Private clouds are hosted on-premise by the government entity they were built for. Now, there is a third type of cloud implementation that is proving to be the most popular and most attractive to government agencies - the hybrid cloud.

Hybrid infrastructures mean that some elements are hosted in a cloud (either public or private) while others are managed on-premise. There is a connection that allows all systems to work seamlessly. This set-up alleviates security concerns and helps organizations maintain tight control over critical applications.

Additionally, a hybrid environment helps avoid vendor lock-in. As agencies found with hardware, becoming an all "one vendor" shop has drawbacks. While going with a single IT vendor can have initial cost savings and economies of scale, in the long run, agencies grew frustrated when that one vendor could not innovate quick enough or provide the support they needed. Agencies are wary of falling into the same trap with cloud providers and look to spread out their applications across several platforms. This allows them to pick the cloud infrastructure that works best for that particular IT solution. There are hybrid cloud management tools that "abstract away many of the common features offered by different cloud providers" making it easier to manage multiple clouds. Continue reading

Insider Threat Within Government

Posted on by

Whether it's an Edward Snowden situation or "simply" just someone clicking on a rogue link, insider threat is a real issue for every organization. Insider threat is defined as a malicious threat to the security of an organization and its data that comes from people within the organization, such as employees, former employees, contractors or business associates. These people have some level of legitimate access to systems and information and therefore can open an organization up to attack or a breach. One statistic estimates there is one insider threat for every 6,000 to 8,000 employees within a government agency.[Tweet "Agencies need a combination of monitoring and detection technologies. #GovEventsBlog"]

To mitigate this threat, government agencies need a combination of monitoring and detection technologies, identity management tools, process and policy reviews, forensic capabilities, and user training.  It's a complex problem to "solve" but luckily there are a number of events and resources available to help make sense of all of the issues.

We've pulled together a list of several upcoming events to help in understanding and mitigating insider threats to any agency or organization.[Tweet "Upcoming events covering insider threats to any agency or organization. #GovEventsBlog"] Continue reading

Digital Forensics 101

Posted on by

The digitization of records and processes across government increases the need for sound digital investigation tools and processes. Whether it is looking into a data breach or gathering information for litigation, organizations are spending a lot of time culling through this data to get answers to pressing issues. An IDG survey found that a vast majority of organizations conduct digital investigations on a weekly basis. These investigations range from proving regulatory compliance, security incident response (including post-event analysis), and stopping high risk employee behavior (acceptable use violations).[Tweet "A look at digital investigations with Tod Ewasko, Director of Product Mgmt. at AccessData. #GovEventsBlog"]

We sat down with Tod Ewasko, Director of Product Management at AccessData to learn more about the role of digital investigations as a part of everyday IT efforts.

Q: Who "owns" forensics? IT? Legal? HR?

A: The answer is kind of all three. Many people lump forensics in with cybersecurity, but it's really a separate entity. Yes, forensics tools are used to investigate cyber incidents, but they are not preventative. That is what you have the "hunting" tools out there for - watching firewalls and logs for anomalous behavior or activity. Once that is stopped, then the forensics tools come in to make sense of it - to see how it happened and drive the plans to make sure it does not happen again. Forensic tools look beyond the event and gather all data relevant to the systems in question.

Q: Is forensics all reactive then? Continue reading