Federal BluePrint

The House Committee on Oversight and Government Reform released an investigative report in September that reviewed the Office of Personnel Management (OPM) data breaches – breaches that resulted in over 21 million stolen records. The report stated, “Despite this high value information maintained by OPM, the agency failed to prioritize cybersecurity and adequately secure high […] […]

It’s time for Feds to pack their data center bags and start moving to cloud. Yet enterprises are not as secure in their decision to move to cloud. The Blue Coat Elastic 2016 Shadow Data Threat Report showed nearly 100 percent of apps analyzed do not provide sufficient security and compliance controls to effectively protect […] […]

This just in, a threat has surfaced on an agency network. Can it be stopped in time? Continuous Diagnostics and Mitigation (CDM) combined with Symantec + Blue Coat’s security platform enables real-time threat detection, allowing agencies to mitigate and address any risks.

Agencies need visibility into their networks, control over user access, and protection of their boundaries as part of CDM.






[…]

After the OPM breach in 2015, what has the government learned? What would be done differently with today’s technology?

During a Federal News Radio interview, Aubrey Merchant-Dest, Federal CTO, Blue Coat, pointed to guidance from the National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS) as ways for agencies to prevent another breach






[…]

Agencies continue to migrate to the cloud, but require a strong security service to protect their systems. A Cloud Access Security Broker (CASB) addresses security concerns and provides a go-between for end users and applications






[…]

FITARA addresses the following four areas: Incremental development, risk assessment transparency, IT portfolio review savings, and data center consolidation. How do these areas support cybersecurity actions?






[…]

Agencies are moving users to the cloud, but how can they streamline the process? How can it be simplified to create an enhanced user experience?

“What activities, what data, and what threat are they bringing into the cloud?” These three questions are identified as primary concepts agencies should use to assess and prevent cloud application use as necessary, then implement policies based on the answers.






[…]

Use of Secure Sockets Layer (SSL)/Transport Layer Security (TLS) encryption is estimated at 15-25 percent of all network traffic, and growing at 20 percent annually. But by 2017, Gartner predicts “more than 50 percent of network attacks will use SSL/TLS.”

Agencies need to inspect encrypted traffic to ensure hackers are not hiding in SSL traffic.






[…]

Initially, threat classification focused only on malware or botnets – leaving the majority of web traffic unrated, and agencies exposed to vulnerabilities. The unrated information quickly became a problem as the threat landscape continued to change – new threats emerged, more data collected, complex technologies introduced. “The damage factor can be much higher than before,” warned Chris Larsen, architect on the WebPulse Threat Research Team, Blue Coat.






[…]

Is your agency throwing money down the drain? Without a comprehensive SSL encryption solution, you could be wasting money and not even know it.

Malware, hidden threats, and additional attacks are constantly trying to break into networks. SSL/TLS encryption delivers the defense agencies need to protect their cybersecurity investments.






[…]

Reports say 100,000 new malware samples are discovered every day. And, according to a recent survey, 62 percent of DoD IT pros identified foreign governments as one of the greatest source of IT threats. Bloomberg reports the U.S. military, “is seeking $34.7 billion through 2021 to boost cybersecurity capabilities.”

How can agencies identify – and mitigate – threat actors, whether they come from nation states or within the U.S.?






[…]

IT is evolving and agency security needs are changing with it.

There needs to be a “fundamentally different way that we secure [IT] services,” said Rob Palmer, deputy chief technology officer, DHS, during a recent webcast.

“It took us a decade or more to get a good support model in place for what we are now considering legacy IT,” Palmer continued. Now agencies are hoping to transition from legacy IT to the cloud.






[…]

As the 2016 election grows closer, IT pros are wondering when the Presidential candidates will tackle ongoing cyber security concerns and questions. CBS News reports, “Fifty-five percent of information security professionals believe cyber security should be a key issue in the 2016 election.” But is it?

Blue Coat’s Chief Operating Officer, Michael Fey, prompts five cyber questions each candidate should consider.






[…]

FedRAMP is not accelerating the path to the cloud for Federal agencies as quickly as anticipated. But, recognizing potential saving opportunities and significant operational and efficiency benefits, Feds are ready to move. A research analyst at Deltek stated, “Fiscal 2016 will be a year when cloud spending picks up greater speed…”

It’s time to clear the most significant barrier to cloud adoption – security concerns.






[…]

The volume and variety of endpoints is growing, as more and more devices connect to Federal networks. Feds are worried security can’t keep up.

A recent MeriTalk report estimates 44% of endpoints that access Federal agency networks are at risk. And nearly one-third have experienced breaches via endpoints.






[…]

The Chief Information Security Officer (CISO) community has good reason to stay awake at night. Recently, hackers breached the Department of Justice (DoJ), released over 9,000 Department of Homeland Security (DHS) employees information, and claimed they will leak data for 20,000 FBI employees, according to Computerworld.






[…]