For years now, government agencies have dealt with cyber attacks as a normal part of meeting their missions. As particularly high profile targets, not only for hacktivist groups looking to make their mark, but also foreign governments looking for intelligence, federal agencies have had to react to attacks on online systems and assets and struggled to keep pace with the basic patches and solutions while also meeting audit requirements. But what if this approach were superseded?
Based on a recent Center for Strategic and International Studies report, 85 percent of attacks could be stopped by implementing a continuous diagnostics and mitigation (CDM) solution. Moreover, a CDM solution would reduce the amount of paperwork, meet audit requirements more seamlessly, and cut expenditures so that more money could be spent on actually securing systems to a higher standard, rather than on documenting procedures. In other words, CDM enables the automation of control testing and progress tracking, which, in turn, enable the identification of problems in minutes, as opposed to years, and remediation to take place in days, versus months. And, because the Department of Homeland Security (DHS) is coordinating these efforts across all government agencies, agencies would receive visibility into patterns of attack activity across the entire .gov domain, reducing the number of unknown attacks and further bolstering the nation’s cyber security.
Recently, John Streufert, Director of Federal Network Resilience at the Department of Homeland Security, and a leading voice of the CDM movement, participated in a webinar with CDM and cyber security solution supplier, McAfee, to share CDM best practices. Click here to watch the webinar.