Federal BluePrint

The House Committee on Oversight and Government Reform released an investigative report in September that reviewed the Office of Personnel Management (OPM) data breaches – breaches that resulted in over 21 million stolen records. The report stated, “Despite this high value information maintained by OPM, the agency failed to prioritize cybersecurity and adequately secure high […] […]

It’s time for Feds to pack their data center bags and start moving to cloud. Yet enterprises are not as secure in their decision to move to cloud. The Blue Coat Elastic 2016 Shadow Data Threat Report showed nearly 100 percent of apps analyzed do not provide sufficient security and compliance controls to effectively protect […] […]

This just in, a threat has surfaced on an agency network. Can it be stopped in time? Continuous Diagnostics and Mitigation (CDM) combined with Symantec + Blue Coat’s security platform enables real-time threat detection, allowing agencies to mitigate and address any risks.

Agencies need visibility into their networks, control over user access, and protection of their boundaries as part of CDM.






[…]

After the OPM breach in 2015, what has the government learned? What would be done differently with today’s technology?

During a Federal News Radio interview, Aubrey Merchant-Dest, Federal CTO, Blue Coat, pointed to guidance from the National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS) as ways for agencies to prevent another breach






[…]

Agencies continue to migrate to the cloud, but require a strong security service to protect their systems. A Cloud Access Security Broker (CASB) addresses security concerns and provides a go-between for end users and applications






[…]

FITARA addresses the following four areas: Incremental development, risk assessment transparency, IT portfolio review savings, and data center consolidation. How do these areas support cybersecurity actions?






[…]

Agencies are moving users to the cloud, but how can they streamline the process? How can it be simplified to create an enhanced user experience?

“What activities, what data, and what threat are they bringing into the cloud?” These three questions are identified as primary concepts agencies should use to assess and prevent cloud application use as necessary, then implement policies based on the answers.






[…]

Use of Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encryption is estimated at 15-25 percent of all network traffic, and growing at 20 percent annually. But by 2017, Gartner predicts “more than 50 percent of network attacks will use SSL/TLS.”

Agencies need to inspect encrypted traffic to ensure hackers are not hiding in SSL traffic.






[…]

Initially, threat classification focused only on malware or botnets – leaving the majority of web traffic unrated, and agencies exposed to vulnerabilities. The unrated information quickly became a problem as the threat landscape continued to change – new threats emerged, more data collected, complex technologies introduced. “The damage factor can be much higher than before,” warned Chris Larsen, architect on the WebPulse Threat Research Team, Blue Coat.






[…]

1 2 3

Archives