Cyber, dubbed the fifth warfighting domain, continues to pose risks for government agencies. According to the recent Security Effectiveness Report by FireEye titled a Deep Dive into Cyber Reality, 53 percent of attack infiltration goes unnoticed by agencies. Even more concerning, 91 percent of attacks don’t generate alerts with current technologies. With agencies housing valuable, mission-critical data and systems, what can IT leaders do to secure this information?
“Agencies must simplify security in this complex landscape. That’s where providers that incorporate automation, machine learning, and self-service capabilities into their solutions can help. A foundational solution offers assurances of compliance and enforcement by providing a framework for visibility across cloud environments,” said FireEye experts in a recent webinar.
To secure data and networks, agencies must look to employ cybersecurity effectiveness measures, advanced threat detection sensors, and robust cyber training programs rather than remaining stuck in compliance-driven cyber postures. Recently, both the Naval Sea Systems Command (NAVSEA) and the National Aeronautics and Space Administration (NASA) have taken stock of their cyber posture and are looking to more comprehensive approaches to continue mission delivery with security and scalability.
Adm. Thomas Moore, head of NAVSEA, said following “several significant cyber issues this fall and winter it was clear we were not organized and aligned properly” to handle threats. The threats that NAVSEA faces are many -with interactions varying from private companies to Navy commands, supply chain cyber hygiene was the main concern.
Moore shared that NAVSEA hadn’t been able to keep up with “rapid changes in the digital/data analytics world with the sense of urgency needed in this era of Great Power Competition.” For NAVSEA to bolster cybersecurity, Rear Adm. Huan Nguyen, deputy commander for cyber engineering at NAVSEA, has been tasked with leading a new effort in which he “will be the single, accountable authority within NAVSEA” for cybersecurity and digital initiatives.
While NAVSEA has taken the first step in cyber accountability, it’s important that those responsible have the defensive cyber posture needed to combat the sophisticated adversaries targeting NAVSEA and DIB partner networks. For many agencies, this is a strong, seasoned security partner that can offer an array of solutions to improve people, process and technology.
Following the release of a recent inspector general’s report, NASA has made cybersecurity a top priority. The report found that NASA is struggling to implement a cyber policy despite spending about $2.3 billion on IT in 2019. NASA infrastructure is a prime target for hackers looking to steal classified information, making cybersecurity a focus for 2020.
“Given NASA’s mission and the valuable technical and intellectual capital it produces, the information maintained within the agency’s IT infrastructure presents a high-value target for hackers and criminals,” the inspector general report states.
The report found that NASA is falling behind on application updates and system patching. “NASA has not implemented an effective agency-wide information security program,” the report states. “As a result, information systems throughout the agency face an unnecessarily high level of risk that threatens the confidentiality, integrity, and availability of NASA’s information.”
With limited budgets and a small staff, agencies like NASA can look to cybersecurity tools that take a holistic approach that not only offers technology but the intelligence and services to keep that technology updated and mission ready.
“Organizations should feel confident that with the right security strategy, they can seize cloud efficiencies and streamline their business,” said Greg Smith with FireEye in a recent blog.
Ready to bolster your cybersecurity? Click here.