This interview is an excerpt from GovLoop’s recent research guide, The Current State of Government’s Cybersecurity.
Whether you’re dealing with top secret data at Langley or working with thousands of people’s health data at NIH, you want your systems to be secure. As government organizations continue to modernize, their cybersecurity efforts continue to expand. However, despite agencies’ best efforts, nefarious actors have still been able to infiltrate systems and obtain sensitive data.
To understand the best ways to secure agency networks, GovLoop spoke with Will Ash, Senior Director of U.S. Public Sector Security at Cisco, an industry leader in networking and cybersecurity. Ash explained that, “the biggest impediment to ensuring cybersecurity is planning, budgeting and executing around single security products as opposed to a more holistic threat defense strategy.”
Cyberattack preparedness spans a three-stage continuum: before, during, and after an attack. “Working with a single service or product to plug one of the holes in the continuum prevents agencies from achieving end-to-end protection,” Ash explained. An integrated architectural approach that covers the entire continuum allows for fewer security breaches.
Taking a holistic approach to cybersecurity can appear overwhelming. However, Ash said that end-to-end security efforts are often the simplest option. “Cisco has the ability to maintain an open architecture that is automatically integrated. This brings greater effectiveness and value to the agency which is deploying the integrated threat defense architecture,” he said.
Ultimately, security is an enabler for government agencies’ missions. “Regardless of mission area, whether it’s public health, law enforcement, national security, or one of the many others, we feel very strongly that security can not only lower risks associated with a specific mission area, but also help agencies innovate faster and reduce costs,” Ash said.
As we move into the digital age, the attack surface that can be infiltrated is expanding and becoming more complex than ever. As agencies continue leveraging mobile devices, the internet of things, and the benefits of the cloud, cybersecurity must continually enable the agencies’ mission.
One way Cisco has been able to do this is through its Identity Services Engine (ISE). A single sign on architecture, Cisco ISE ties users with a sign on across applications and devices. This ensures that the right person has the right access from the right device. “Essentially, it’s enabling an agency’s mission in this new digital age where so much value is brought to the table through cloud and mobility and other types of applications,” Ash explained.
Fortunately, many of the different government policies and frameworks align well with Cisco’s approach because they are so holistic in nature. Ash explained that many government standards and initiatives, such as NIST 800-53, OMB’s CSIP, or DHS’s CDM take an end-to-end approach to cybersecurity and spread their guidance and plans across the entire continuum in an integrated approach. However, not all government agencies’ cybersecurity plans have shifted to integrated, holistic methods of cybersecurity.
For the agencies that still need a push in the right modernization direction, they must begin to look at the bigger picture in optimizing cybersecurity efforts. Incorporating capabilities like Cisco ISE cannot occur in a silo and must be integrated into overall plans for IT modernization.
Integrating cybersecurity plans into IT modernization includes two parts. “First, outdated infrastructure often has vulnerabilities ripe for exploitation. Second, updating to modern infrastructure provides an opportunity to build advanced cybersecurity into its design,” Ash explained.
Another element of comprehensive cybersecurity is Talos, Cisco’s threat intelligence group. Talos’ threat intelligence powers the cybersecurity architecture that Cisco provides. “Talos researchers track threats across the entire network, including datacenters, endpoints, mobile devices, virtual systems, web, email, and cloud,” Ash explained.
Talos helps agencies by identifying root causes of attacks. During ingestion of threats across the network, Talos scopes outbreaks, understands what happened, and brings all of the information together. “This data is translated into real time protections that can be delivered immediately across the integrated threat defense architecture through automation,” Ash said.
Looking forward, it’s imperative agencies take a holistic approach to cybersecurity. “The value of approaching cyber in a holistic, end-to-end, integrated way is a differentiator,” Ash underscored. “That approach will address a major impediment in government cybersecurity. Cisco is in a unique position to provide value to government cybersecurity efforts, allowing government agencies and employees to successfully complete their mission in this digital age.”