Upload File

to strengthen cybersecurity, governments need to be proactive

  • Home
  • Documents
  • To Strengthen Cybersecurity, Governments Need to Be Proactive
1
To Strengthen Cybersecurity, Governments Need to Be Proactive What’s the difference between taking a reactive or proactive approach to cybersecurity? Due to competing priorities and resources constraints, many state and local governments wait for something to infiltrate the IT environment before they take countermeasures. They suffer a ransomware attack, or they detect a threat actor when it’s already moving through the infrastructure. Cybersecurity solutions point out malicious activity they need to check out, but busy analysts and administrators can respond to only so many alerts. The rest can fall through the cracks, leaving systems vulnerable. When you take a proactive approach, you don’t wait for something bad to happen and then fix it. You keep bad things from occurring in the first place. Done right, proactive measures are simple for security teams to take on and are affordable. What preventative measures should governments deploy? Implement antivirus software or malware protection. Stay up to date on your patch management life cycle. Develop a comprehensive incident response plan. Implement a strong perimeter defense with security controls. Install a virtual private network (VPN) and implement a mobile device management tool that can track devices if they’re lost or stolen. And use machine learning to spot anomalous patterns in network activity that human observers would never catch. What are some solutions from Elastic that strongly support the proactive approach to cybersecurity? More and more, we are seeing cyber intruders take hidden footholds on systems and move laterally through the network. Being proactive requires the ability to retain and look back at older data. Elastic’s “searchable snapshot” and “frozen tier” features let you retain large data volumes for years in a format that’s immediately searchable. You don’t need to go through the time- consuming process of rehydrating stored system activity data that has been migrated off into a non-searchable snapshot. Instead, that data is available immediately for audit or investigative purposes. You can also use stored data to compare current and past activity, helping you spot anomalies or malicious activity before it spreads throughout your data center. Besides helping you gain better insight into potential threats, these features can reduce costs. Elastic’s technology allows you to ingest as much data as you’d like, but also allows you to retain your data on inexpensive media. Elastic also helps you be proactive by automating and actioning routine cybersecurity tasks. For example, when you want to investigate network activity and hunt for threats, rather than build queries from scratch, you can use our Timeline feature in Elastic Security to design queries by dragging and dropping fields. Our Kabana Lens product lets you leverage drag-and- drop capabilities to quickly develop cybersecurity dashboards for use in a security operations center (SOC). Do you have any final advice for state and local governments? Create an incident response plan and security policy. Have a centralized SOC where you can collect all of your important data and proactively monitor as well as threat hunt. Backups are extremely important, especially as a defense against ransomware attacks. Instead of paying a ransom, you can roll back to the last available good timing of your system. All these measures, coupled with employee training and awareness, can help state and local governments head off cyber attacks before they have a chance to cause serious damage. Elastic is a search company that maximizes data utility in real time. Customers worldwide use our search, observability, and security stack to achieve data-dependent use cases like website search, application performance monitoring, user behavior analysis, security investigations, and threat hunting. Deployable on cloud or on premises, Elastic delivers powerful insight, no matter the mission. Photo provided by Shutterstock.com CYBERSECURITY RESILIENCE A GOVERNMENT TECHNOLOGY Q&A Ransomware attacks cost governments in the U.S. more than $18.9 billion in 2020. 1 Government agencies also face many other types of incursions that interrupt their operations, enable identity theft, increase expenses and cause other issues. Jared Pane, senior lead solutions architect at Elastic in Mountain View, Calif., says that to avoid damaging attacks, state and local governments need to do more than merely react to cyber threats. In this Q and A, Pane shares his thoughts on how to enhance cybersecurity with a more proactive approach. © 2021 e.Republic. All rights reserved. 1 https://www.comparitech.com/blog/information-security/government-ransomware-attacks/

Upload: others

Post on 17-Jan-2022

3 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: To Strengthen Cybersecurity, Governments Need to Be Proactive

To Strengthen Cybersecurity, Governments Need to Be Proactive

What’s the difference between taking a reactive or proactive approach to cybersecurity? Due to competing priorities and resources constraints, many state and local governments wait for something to infiltrate the IT environment before they take countermeasures. They suffer a ransomware attack, or they detect a threat actor when it’s already moving through the infrastructure. Cybersecurity solutions point out malicious activity they need to check out, but busy analysts and administrators can respond to only so many alerts. The rest can fall through the cracks, leaving systems vulnerable.

When you take a proactive approach, you don’t wait for something bad to happen and then fix it. You keep bad things from occurring in the first place. Done right, proactive measures are simple for security teams to take on and are affordable.

What preventative measures should governments deploy? Implement antivirus software or malware protection. Stay up to date on your patch management life cycle. Develop a comprehensive incident

response plan. Implement a strong perimeter defense with security controls. Install a virtual private network (VPN) and implement a mobile device management tool that can track devices if they’re lost or stolen. And use machine learning to spot anomalous patterns in network activity that human observers would never catch.

What are some solutions from Elastic that strongly support the proactive approach to cybersecurity? More and more, we are seeing cyber intruders take hidden footholds on systems and move laterally through the network. Being proactive requires the ability to retain and look back at older data.

Elastic’s “searchable snapshot” and “frozen tier” features let you retain large data volumes for years in a format that’s immediately searchable. You don’t need to go through the time-consuming process of rehydrating stored system activity data that has been migrated off into a non-searchable snapshot. Instead, that data is available immediately for audit or investigative purposes. You can also use stored

data to compare current and past activity, helping you spot anomalies or malicious activity before it spreads throughout your data center. Besides helping you gain better insight into potential threats, these features can reduce costs. Elastic’s technology allows you to ingest as much data as you’d like, but also allows you to retain your data on inexpensive media.

Elastic also helps you be proactive by automating and actioning routine cybersecurity tasks. For example, when you want to investigate network activity and hunt for threats, rather than build queries from scratch, you can use our Timeline feature in Elastic Security to design queries by dragging and dropping fields. Our Kabana Lens product lets you leverage drag-and-drop capabilities to quickly develop cybersecurity dashboards for use in a security operations center (SOC).

Do you have any final advice for state and local governments? Create an incident response plan and security policy. Have a centralized SOC where you can collect all of your important data and proactively monitor as well as threat hunt. Backups are extremely important, especially as a defense against ransomware attacks. Instead of paying a ransom, you can roll back to the last available good timing of your system. All these measures, coupled with employee training and awareness, can help state and local governments head off cyber attacks before they have a chance to cause serious damage.

Elastic is a search company that maximizes data utility in real time. Customers worldwide use our search, observability, and security stack to achieve data-dependent use cases like website search, application performance monitoring, user behavior analysis, security investigations, and threat hunting. Deployable on cloud or on premises, Elastic delivers powerful insight, no matter the mission.

Photo provided by Shutterstock.com

CYBERSECURITY RESILIENCE A GOVERNMENT TECHNOLOGY Q&A

Ransomware attacks cost governments in the U.S. more than $18.9 billion in 2020.1 Government agencies also face many other types of incursions that interrupt their operations, enable identity theft, increase expenses and cause other issues.

Jared Pane, senior lead solutions architect at Elastic in Mountain View, Calif., says that to avoid damaging attacks, state and local governments need to do more than merely react to cyber threats. In this Q and A, Pane shares his thoughts on how to enhance cybersecurity with a more proactive approach.

© 2021 e.Republic. All rights reserved.1 https://www.comparitech.com/blog/information-security/government-ransomware-attacks/

Building strong cybersecurity in the European Union · BUILDING THE CAPACITY TO PROTECT The EU works on many fronts to strengthen cybersecurity and cyber resilience. It has an advanced

Contents Review v50n3 2017_0.pdf · strengthen cybersecurity and protect the nation’s power grid. Indeed, the biggest difference may simply be the stakes that necessarily accompany

Darknet and Deepnet Mining for Proactive … · Darknet and Deepnet Mining for Proactive Cybersecurity Threat Intelligence Eric Nunes, Ahmad Diab, Andrew Gunn, Ericsson Marin , Vineet

GAO-04-628T CRITICAL INFRASTRUCTURE PROTECTION: … · strengthen the cybersecurity of control systems. The President’s National ... natural gas distribution, they can monitor and

HomeWorks QSX Processor SPEC (3691127) · HomeWorks QSX System Security Statement Lutron takes cybersecurity very seriously. We actively monitor the threat landscape and take a proactive

CYBERSECURITY ROADMAP CYBERSECURITY OPERATIONS …

Cybersecurity on IoT€¦ · Estratégia de Segurança em Sistemas de Automação Industrial System Patches Network Segmentation Anti-virus Incidentsignificant attack Response Proactive

Cybersecurity - Bryan, Garnier & Co · CYBERSECURITY VENDORS 16 PREVENTION AND DETECTION TOOLS ARE REACTIVE. TAKING THE NEXT STEP MEANS BEING PROACTIVE: THE RISE OF CYBER THREAT INTELLIGENCE

CYBERSECURITY RISK DISCLOSURE AND CYBERSECURITY DISCLOSURE ... · CYBERSECURITY RISK DISCLOSURE AND CYBERSECURITY DISCLOSURE GUIDANCE ABSTRACT Cybersecurity risk disclosure has received

A Leader in Cybersecurity CASE STUDYAs a data backup and recovery solution, Axcient’s brand relies on security. Industry insights that enable their proactive remediation activities

Contents · Contents Introduction 4 Competitions 7 Cyber Defense Exercises and Competitions 7 History of the CCDC 7 The CCDC Competition 8 ... cybersecurity education and strengthen

Relocation of EU Industry An Overview of Literature · Relocation of EU industry - an overview of literature ... devising a proactive industrial policy to strengthen the industrial

GAO-17-440T, CYBERSECURITY: Actions Needed … . Actions Needed to Strengthen U ... the steady advances in ... critical infrastructures—referred to as cyber critical infrastructure

How to use cybersecurity to generate business value - EY · How to use cybersecurity to generate business value ... benefit their own careers and help strengthen the security of their

IMPROVING CYBERSECURITY ISK ANAGEMENT IN FEDERAL … · Ultimate goal of the recommendations is to strengthen the federal government’s cybersecurity by improving management of the

ANNUAL DEBT FINANCING STRATEGY · To strengthen the function of Investor Relations Unit, among others, through proactive dissemination of information, rapid and effective responses,

Connecting the dots: A proactive approach to cybersecurity ... · A proactive approach to cyber security oversight in the boardroom . 3. Cyber security: a business . and boardroom

Volume 2 | April Industrial Cybersecurity · Proactive Risk-Based Insights Into Vulnerabilities With real-time information you’ll always know your risk profile and be ready to

EMERGING TECHNOLOGIES IN CYBERSECURITY · EMERGING TECHNOLOGIES IN CYBERSECURITY | Randall Lewis 1 EMERGING TECHNOLOGIES IN CYBERSECURITY ... Cybersecurity and Cybersecurity Technologies

Darknet and Deepnet Mining for Proactive Cybersecurity ... · Darknet and Deepnet Mining for Proactive Cybersecurity Threat Intelligence Eric Nunes, Ahmad Diab, Andrew Gunn, Ericsson

Critical Cybersecurity Questions Cybersecurity... · Critical Cybersecurity Questions 1 • How do you measure successful cybersecurity efforts? • Who is accountable for cybersecurity?

HP Proactive Care - personalized, proactive and simplified

Capacity Building to Strengthen Cybersecurity: Thailand Updateaseanregionalforum.asean.org/wp-content/uploads/... · (2013) Monetary reward scheme IT and Cybersecurity personnel Partner

Gone Phishing: Tips, Tricks and Lessons Learned in the ... · Cybersecurity Webinar Series •Multi-part, educational series •Proactive Cybersecurity: Staying Ahead of Threats 1

SECURITY PROACTIVE CYBERSECURITY

Improve Operations Performance - Emerson · Emerson’s Cybersecurity Solutions Help Improve Operations Performance While it is possible to strengthen process control systems and

A PROACTIVE APPROACH TO CYBERSECURITY · Know (and Protect) Your Gaps Knowledge is power, and this holds especially true for cybersecurity. Organizations struggle with the lack of

2019 Business Results “Proactive Response to Climate Changes” 3 Environment Friendly Management 2020 Management Strategy ESG Management for Sustainability 5 Level up the core Strengthen

ITU and Academia - UNECE · ITU and Academia ... Media Accessibility (FG AVA) Geneva, 8 November 2012 . Cybersecurity & Identity Strengthen the confidence and security in the use

Can Cybersecurity Be Proactive? A Big Data …...AnonOps IRC, Metasploit IRC, Google Project Zero, blackhat.com, GMANE.org, seclists.org) to identify emerging concepts. In this way

Medical Devices and Cybersecurity - UL · medical devices but do not expressly address cybersecurity considerations. In contrast, the U.S. FDA has taken a more proactive approach

Department of Homeland Security · 2016-05-12 · Department of Homeland Security DHS Can Strengthen Its International Cybersecurity Programs ... global cyberspace and critical infrastructure

Can Cybersecurity Be Proactive? A Big Data Approach and Challenges · 2017. 6. 8. · Can Cybersecurity Be Proactive? A Big Data Approach and Challenges Hong-Mei Chen Shidler College

MONIT R ICS-CERT Notable Incident · 2019. 3. 27. · ICS-CERT conducts onsite cybersecurity assessments of industrial control systems (ICSs) to help strengthen the cybersecurity

Fourth Annual Latin America Privacy & Cybersecurity Symposium · specific operational risk controls. • Establish a strategic, forward looking, fluid and proactive approach to cybersecurity