By Paul Christman, VP Federal Sales, Dell Software. This blog was originally posted here.
In the wake of the recent OPM cyber breach, federal CIO Tony Scott announced a 30-day “Cybersecurity Sprint” requiring agencies to immediately take steps to improve protection of federal information and resilience of federal networks.
Tony Scott’s initiative comes in the wake of the latest battles in the ongoing cyberwar against the United States government and an alarming increase in cyber threats. In fact, a February 2015 report issued by the U.S. Government Accountability Office (GAO) found that over the past eight years, incidents reported by federal agencies to the U.S. Computer Emergency Readiness Team (U.S. CERT) have increased by 1,121 percent, reflecting 67,000 reported incidents in 2014.
The use of the word “sprint” signifies that the CIO is utilizing a methodology designed to deliver results fast. At the same time, the Cyber Sprint encompasses a wide range of critical cybersecurity elements, recognizing the need for holistic security and an active, rather than reactive, security posture. This presents agencies with a significant challenge, but one that they have the resources to address.
Within the confines of the Cyber Sprint, agencies must address four critical security efforts:
Immediately deploy indicators provided by DHS regarding priority threat-actor Techniques, Tactics, and Procedures to scan systems and check logs
As a part of the Cyber Sprint, agencies will now be required to immediately report any evidence of malicious cyber activity. Real-time reporting is essential for quick remediation of cyber incidents. Luckily, today’s next-gen firewalls, coupled with insight into abnormal network activity enabled by robust identity and access management (IAM) approaches, make these capabilities possible and give agencies a head start on their sprint. Dell SonicWALL offers next-gen firewalls that can correlate and present data from servers, network switches and firewalls.
Patch critical vulnerabilities without delay
Cyber criminals often have advanced resources available for cyber exploits, yet the vast majority of cyber intrusions take advantage of easily identifiable – and easily remediated – vulnerabilities. With the right tools in place, this is a simple element of the Cyber Sprint. Dell can identify and deploy patches for endpoints and servers and also provide updated virus signatures and deep packet inspection through next-generation firewalls. Dell’s KACE systems management appliances enable rapid and effective patch management across heterogeneous enterprises of all sizes.
Tighten policies and practices for privileged users
Privileged users often hold the keys to the kingdom when it comes to sensitive government data. The Cyber Sprint seeks to mitigate this potential threat by limiting and controlling privileged user access. Additionally, Tony Scott has stressed the importance of tightening policies for privileged users. Privileged account management tools can help tighten these policies without prohibiting necessary access. Dell’s privileged account management offerings allow agencies to control the resources available through privileged accounts, while also controlling, monitoring and producing reports on the activities of these individuals. Dell is the only vendor that offers solutions in each area detailed by Gartner in its Privileged Account Management Market Guide.
Dramatically accelerate implementation of multi-factor authentication, especially for privileged users
Internal threats have been recognized as a critical security concern, often providing intruders with easy access to sensitive data. Multi-factor authentication provides an additional line of defense against external bad actors posing as qualified insiders – one that has been mandated by government for the past decade through Homeland Security Presidential Directive-12 (HSPD-12). Dell can provide hardware and software tokens for multi-factor authentication and help agencies integrate existing multi-factor authentication infrastructures with modern as well as legacy applications. Dell’s Defender multi-factor authentication solution requires no dedicated server and can authenticate against already-in-place Active Directory infrastructure, facilitating this step for agencies in a hurry to get to the finish line.
Get on your mark and get ready for the sprint – Dell stands ready to help federal agencies achieve the cybersecurity improvements with which they’re tasked. Learn more about Dell’s end-to-end security offerings here.
Dell also offers end-to-end solutions to address the NIST Cyber Framework. To learn more, please visit here.