Today, cyber professionals are operating in a world with more threats, increased complexity and fewer resources. “Everybody is trying to do more with less, and within government, it is no different,” said Tim Woods, Vice President of Engineering, FireMon.
In this era of austerity, how can agencies remain secure? One method is to start automating your systems and move away from slow, redundant manual processes. “I get the pleasure of talking to so many really smart security professionals, and they all have ten different priorities on their plate, and they can’t get to all of them,” said Woods. “And so it’s not that they don’t know what to do, it’s having the tools, the visibility and the time to do the things that they know they need to be doing.”
This is why automation is essential, and a central part of the CDM program. “[Administrators] need to have the ability to analyze how policies behave, and this cannot be done in a manual fashion anymore – you just miss too much,” Woods explained. “Agencies need an automated way to understand how they are in compliance, and when [agencies] go out of compliance.”
FireMon helps agencies automate services and gain more visibility into the operations of their systems through their security intelligence platform. “The security platform provides that assessment of all security device configurations in real time and maintains compliance based on a required set a criteria, allowing that dynamic audit to take place, or that pre-audit to take place in advance of a particular change going into effect,” said Woods.
With FireMon solutions, agencies can gain real-time insights and value across many of the key CDM functional areas. FireMon helps government obtain real-time situational awareness, which is a key element absent from many security architectures today. To help agencies protect critical infrastructure, FireMon has been working to create safe, secure and reliable IT solutions. Woods explained four specific benefits of the FireMon security intelligent platform:
- Enforcement point configuration analysis: “We can find those security holes that shouldn’t be there, right up front,” said Woods. Improved security posture: “Our ongoing continual policy analysis gives a clear picture, with actionable data on where security remediation efforts can be focused in order to improve your know overall security posture.”
- Real-time visibility: “We provide real time uninterrupted visibility into current device configuration and enforcement, including logging all of the configuration changes and recording all the log details, so that we can look back at the live history of rules and policy implementations and compare.”
- The capacity to capture all of that information: “We give a true ability to model and test the impact of changes. So not only are we real-time and dynamic, and can show you things as they happen, but we can also put you in a proactive stance, so that we can model changes before they get added to a configuration or to a policy, so as not to introduce unnecessary or additional IT risk.”
But even the best technology is not enough, said Woods. The promise of technology will only be realized if it is correctly maintained and configured over time.
In our report, we also highlight numerous best practices to get started with CDM and how to improve your cybersecurity posture. One of the best practices highlight was automation, which is highlighted below. Be sure to download the report to see the full list.
Automate as Much of the Security Testing as Possible
Agencies should look to automate as much of the security testing as possible and move away from manual testing. With automation, the frequency and comprehensiveness of coverage can improve. “[Through automation] there have been steady progress in a number of the departments and agencies of reducing risk significantly by as much as two-thirds or as much as a factor of 10 reduction, that’s occurred at the Department of State in 2009,” said John Streufert, Director Federal Resiliency Network, Department of Homeland Security.
The CMaaS solutions deployed by CDM ultimately will help agencies deploy stronger automated services, helping government become more efficient in combating cyberattacks. “For every action you take on security, you’re not only able to make the dollar go farther, but that the cost per transaction and repair action is going down through the benefits of automation,” said Streufert. As the world continues to be more interconnected, our shared risk of cyberattacks increases. Because of this, it is essential that organizations gain improved visibility of their networks, and automate their cyber solutions.
Want More GovLoop Content? Sign Up For Email Updates
Large enterprises, managed service providers and government agencies demand the capabilities found only in FireMon solutions. FireMon allows organizations to retain visibility into network security, compliance and IT risk, which is all necessary for preventing intrusions and resulting breaches before they happen. Learn more: http://www.firemon.com/solutions/overview