Government Technology Insider

Advanced Malware Protection Delivers More Complete Approach to Network Security

by GTI Editors
September 17, 2013
in Cybersecurity

According to industry figures, in 75 percent of malware attacks it takes more than two weeks to discover that a breach has even occurred. Additionally, 70 percent of those attacks were discovered by someone outside the IT department – often by an employee who notices his or her computer is running slowly. This is of particular concern for government agencies, since they are under almost constant attack and probing from hacktivists, cybercriminals, and state-sponsored attackers.

Tom Stitt, director of product marketing at Sourcefire, knows there is no silver bullet that will entirely eliminate malware, but he does know that there are specific strategies that will help government agencies gain a better understanding of an attack and be better prepared to handle subsequent attacks. The key is to take time to focus on post-event analysis – to scope and understand the root cause of the malware’s entry into the network beyond the tactical attack and define a strategic remediation plan.

Noting an example in which one agency simply chose to destroy computers infected with malware, Stitt explains that this approach is faulty because it doesn’t help an organization understand why a breach occurred. Ignoring the cause of a breach leaves the door open for similar events to occur in the future. Government agencies, he adds, must shift from tools that are mere gateways to a network security approach that enables better protection against a broader range of threats and vulnerabilities over time.

Faced with an overwhelming volume of network activity, a mountain of data and a traditional focus on detection, government agencies are saddled with a number of challenges that make fighting malware seem insurmountable. One of the key reasons malware attacks seem unstoppable, even against the most sophisticated networks, is that attackers invest heavily in creating and distributing new attacks and in leveraging malware’s polymorphic abilities.

Stitt acknowledges agencies are quickly embracing advanced malware detection tools that enable better visibility into a network’s endpoints. Examining the entire attack continuum – that is, understanding and protecting the network before, during, and after an attack – provides valuable insight and allows agencies to better tackle their network security challenges.

“There’s so much focus on prevention, detection and firewalls,” says Stitt. He stresses the “need to focus on what happens afterward.” While that might sound counterintuitive, the after phase is when immediate remediation occurs, and the postmortem enables the IT team to understand how events are tied together, so that additional points of vulnerability, or even infected nodes on the network, can be remediated and future attacks derived from similar malware or other attack vectors can be detected.

Rather than looking for a needle in a haystack, Stitt sees IT managers as having to look for a needle in a haystack of needles.  In other words, the IT team needs to have a system/network-level view of events so that data can be correlated and malicious events aggregated.  Such an approach creates forensic fingerprints of files to identify known malware, tracks file movement and identifies attack targets for focused remediation. Taking advantage of big data analytics, for instance, delivers continuous file analysis and retrospective alerting so users can be notified of malicious files that have entered their environment, and have them immediately remediated wherever they may be, even if they were previously classified as safe.
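
The fingerprint, file-tracking and retrospective-alert idea described above, as an added sketch (not code from the article or from Sourcefire). The class name, host names, paths, timestamps and sample bytes are all constructed for illustration.

```python
"""Retrospective alerting over file fingerprints (constructed example)."""
import hashlib
from collections import defaultdict
from dataclasses import dataclass, field


def fingerprint(content: bytes) -> str:
    """The SHA-256 of the file content serves as its forensic fingerprint."""
    return hashlib.sha256(content).hexdigest()


@dataclass
class FileTracker:
    # fingerprint -> current verdict: "clean", "unknown" or "malicious"
    verdicts: dict = field(default_factory=dict)
    # fingerprint -> list of (timestamp, host, path) sightings
    sightings: dict = field(default_factory=lambda: defaultdict(list))

    def observe(self, ts, host, path, content):
        """Record a sighting; alert immediately if the file is already known bad."""
        fp = fingerprint(content)
        self.sightings[fp].append((ts, host, path))
        self.verdicts.setdefault(fp, "unknown")
        return [(host, path)] if self.verdicts[fp] == "malicious" else []

    def set_verdict(self, fp, verdict):
        """A change to "malicious" alerts on every earlier sighting of the file."""
        previous = self.verdicts.get(fp, "unknown")
        self.verdicts[fp] = verdict
        if verdict == "malicious" and previous != "malicious":
            return self.trajectory(fp)
        return []

    def trajectory(self, fp):
        """Sightings in time order; the first entry is the earliest known host."""
        return sorted(self.sightings.get(fp, []))


def demo():
    t = FileTracker()
    sample = b"constructed sample bytes, not real malware"
    fp = fingerprint(sample)
    t.set_verdict(fp, "clean")  # first analysis classifies the file as safe
    t.observe(1379400000, "ws-014", "C:/Users/a/Downloads/inv.pdf", sample)
    t.observe(1379403600, "fs-01", "D:/share/inv.pdf", sample)
    t.observe(1379400900, "ws-022", "C:/Temp/inv.pdf", sample)
    t.observe(1379404000, "ws-030", "C:/Temp/notes.txt", b"unrelated file")
    return t.set_verdict(fp, "malicious")  # later analysis flips the verdict


if __name__ == "__main__":
    print(demo())
```

The list returned when the verdict flips is the remediation scope: every host and path that held the file, ordered so the earliest sighting comes first.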

Stitt says better integration of responses across federal agencies along with evaluating malware issues more holistically enable a more effective approach to solving associated problems and furnish agencies with the continuous visibility, analysis and control needed to better protect their networks.

 
