3 Ways the Federal Government Is Using Technology to Advance Cybersecurity
By Todd Helfrich, Vice President of Federal, Attivo Networks
Attivo Networks has joined hands with the federal government to implement cybersecurity technology. Learn how the government works closely with Attivo to advance cybersecurity.
When it comes to cybersecurity, the federal government is putting out fires every day — and it can be exhausting. Like most organizations, the government has traditionally defended the network perimeter with tools like firewalls and antivirus software. Unfortunately, it has become clear that adversaries have long since broken through those barriers using modern techniques such as social engineering, phishing, drive-by downloads, identity theft and impersonation.
Protecting any enterprise against today’s cybercriminals — let alone nation-state threats — is a challenging task, given the volume, variety, and age of many government systems. With the rise of third-party breaches, the government now needs to ensure its vendors and suppliers can protect their own systems. Attivo Networks works closely with the government to help it implement innovative cybersecurity technology and to steer best practices and policy conversations in a more secure direction.
Collaborating with Experts to Better Secure the Government and Its Partners
It is important for cybersecurity organizations to be more than just manufacturers supplying technology to the government. Attivo Networks has built collaborative relationships with government agencies to help deliver stronger, more tailored solutions. This is essential in areas of critical infrastructure, intelligence, defense, and others that have specific needs that can only be addressed by a partner with a thorough understanding of the particular challenges they face and gaps they need to fill.
Information sharing has also become a priority within the government, and the recent executive order on cybersecurity emphasized the need to share threat information. Today’s technology is better than ever at collecting adversary intelligence, especially when an adversary is tricked into interacting with decoy assets while safely cordoned off from the rest of the network. Studying indicators of compromise (IoCs) and the related tactics, techniques, and procedures (TTPs) and sharing that information effectively can help defenders detect and defend against specific attack tactics, even if those tactics have not yet been used against them.
Active cyber defense enables enterprises to curate relevant internal threat intelligence that accelerates persistent hunt operations. Effective cyber threat intelligence sharing means the intelligence shared must be both timely and relevant. Within the government, classified indicators often don’t receive a “tear-line” in a timely fashion or receive the same aggregated data available through open-source and commercial unclassified sources. Improving cyber threat intelligence means collaborating on analysis and applying risk scores and decay windows to IoCs.
With many third-party breaches in the news, trust in third-party partners is increasingly critical for the government. This matters all the more because attackers often breach vendors of widely used technology to infiltrate the software development life cycle, rather than target the government head-on. This happened with SolarWinds, which resulted in a major breach with extensive reach across government and the corporate world. Attivo has worked closely with the government to identify appropriate solutions capable of detecting attackers that have breached perimeter defenses or arrived via third-party compromise, including, and especially, increased identity detection and response capabilities.
Read the full article at CISO MAG.