States Improving Cybersecurity Posture Through NGA Partnership

By Rachel Eckert, SLED Manager

The National Governors Association (NGA) recently announced a partnership with states and territories that are looking to enhance their cybersecurity posture through the implementation of key controls to mitigate future attacks.

After a competitive application process, the six states and one territory chosen were Arkansas, Guam, Louisiana, Maryland, Massachusetts, Ohio and Washington. Through a series of workshops between now and the end of the year, NGA, along with their respective homeland security agencies and National Guard units, will coordinate with state agencies, local government and K-12 schools to develop methods of improving existing cybersecurity approaches.

During the workshops, participants will brainstorm new methods to protect critical infrastructure, and vendors may discover new business opportunities. In addition to developing more comprehensive strategies and collaborating with neighboring governments, the participants will be focusing on implementing six key controls outlined by the Center for Internet Security:

Read more of this post

DHS CISO Talks About Authentication, Supply Chain and Internet Regulation

By Lloyd McCoy, Market Intelligence ManagerLloyd McCoy Jr.

At a recent immixGroup vendor demo day, Paul Beckman, CISO at the Department of Homeland Security, touched on several technological challenges and frustrations that concern him – topics ranging from patching to supply chain risk to the inevitability of security regulations surrounding the internet.

“I want to get out of the patching business,” Beckman noted, asking, “why can’t I go to automatic updates?” “I don’t understand why we’re still relying on the selected pushing of patches,” he continued. A decade ago a service patch might have created the “blue screen of death” on machines, Beckman said, so that even today, “the ops side of the house is telling me, ‘what are we going to do if we get a bad patch?’”

“My response to them is that restore capability has matured greatly in the last decade. Something goes bad in the machine, push a button, you’re back to where you were at midnight last night.” Beckman added that technology has advanced to the point where the bad patch argument can be discounted and end points can go to automatic patching.
Read more of this post

Vendor Innovations in Cybersecurity: From Browsers to IoT to Mobile

By Tim Larkins, Senior Director, Market Intelligence and Corporate Development

Threats to network security have evolved and vulnerable attack vectors have expanded – from browsers to mobile devices to the increasingly interconnected appliances that are part of the Internet of Things (IoT). Vendors of cybersecurity solutions are now branching out beyond their initial niches to embrace wider aspects of security.

In immixGroup’s recent panel discussion during Cyber Ops Demo Day held earlier this month, six of industry’s most prominent vendors each described what they were doing to help prevent security breaches in this era of multiple security attack vectors.

Marlin McFate, federal CTO, Riverbed Technology, said his company has broadened its reach beyond network monitoring, application monitoring and user monitoring to security issues ranging from insider threat to exfiltration. Riverbed’s acquisition of FlowTraq has integrated that capability into its visibility solution. The technology allows for security problems to be analyzed from a behavioral perspective, to identify devices that are no longer acting like normal appliances or system users that are not actually part of the organization.

Read more of this post

Government Needs to Shore Up Security Readiness – Before the Next Shutdown

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

Whether it’s through government shutdowns or cyber threats, the possibility of government having to unexpectedly operate at reduced capacity is greater than ever. While it appears that the recent partial shutdown had minimal impact on security readiness, we should count ourselves lucky instead of expecting such an outcome to be the norm.

With the resumption of full government operations, all agencies, not just those affected, should take stock and partner with industry to shore up their posture in two areas, risk management and AI.

Risk Management

Government agency risk management strategies have traditionally emphasized the threat landscape and vulnerability of attack surfaces. Expect agencies to take a hard look at their risk posture to determine whether they’ve adequately factored in the impact of government shutdowns. This is an area where industry can play a role – helping agencies adjust their security readiness in an environment where reduced operations may become more of a norm.

Work with your government customer or prospect to ensure that proper backup and recovery capabilities are in place, that their systems and networks have the right kind of resiliency and segmentation solutions in place, and that the security personnel are equipped with the right tools to “put out fires” when workforce and capacity levels are compromised.

Read more of this post

Changes to DHA Will Impact Cybersecurity Needs

Lloyd McCoy Jr.By Lloyd McCoy, Market Intelligence Manager

The mandates in the National Defense Authorization Acts of 2017 and 2019 called for greater centralization of the military health system. We are now seeing these initiatives being set in motion. One prime example is the migration of the Army, Navy and Air Force’s more than 400 military hospitals and clinics under the umbrella of the Defense Health Agency. I recently attended an AFCEA luncheon where Dr. Barclay Butler, the Component Acquisition Executive for DHA, and Pat Flanders, DHA CIO, spoke extensively on the ongoing consolidation, as well as other initiatives which promise to impact how those selling IT should approach defense health IT leaders.

Measurability and efficiency are driving the trend toward centralization and standardization across the Defense Health establishment. This is particularly applicable for security vendors since DHA wants to instill commonality in cybersecurity services and tools — from the largest military hospitals to the widely dispersed clinics. The two leaders urged industry that when engaging with Army, Navy and Air Force hospitals and clinics, think of the big picture. How can your solution work and be applicable across the entire military health enterprise?

Measurability

Butler and Flanders spoke at length about the need to measure outcomes. For security solutions, that means being able to better monitor threats and speed of remediation. Nothing new on the surface, but this requirement becomes more complicated as more and more military facilities get subsumed under DHA, with all the network architecture and migration challenges that come with the transition. Having a steady dialogue with DHA or one of the service medical commands is critical to ensure that safety and security aren’t negatively impacted by these changes – while ensuring that the hospitals and clinics have robust capabilities for measuring and auditing their security posture.

Read more of this post

Behold the New Cybersecurity and Infrastructure Security Agency

By Kevin Shaker, Consultant

For a long time now, we have been talking about a change in the mission scope and organizational structure of the National Protection and Programs Directorate, the agency largely responsible for securing federal networks and protecting critical infrastructure. But now, it seems that the 2017 bill to rename, reorganize and solidify its role at the department has finally happened.

The agency has officially been renamed the Cyber and Infrastructure Security Agency or CISA. The president signed into law the CISA Act of 2018 on November 16, 2018. The bill had been looming over Congress for some time.

Here are a few things industry will want to know about the agency’s new facelift:

Read more of this post

FY19 Advice From DISA Industry Day

By Ryan Granato, Analyst

At their recent forecast to industry, DISA outlined a future built around mobility, cybersecurity, small businesses and the importance of targeted industry pitches. Here are key insights from DISA leaders for securing FY19 business:

Selling to DISA
When selling to DISA, it is paramount for industry to tailor their pitch to how their solutions can work specifically for outlined requirements and referenced pain points. According to Dave Bennett, director of DISA’s operations center, nine out of ten times what worked for industry commercially will not work for DISA. Even more so, he says that any pitches that reference past performance for industry will not be met with open arms. Bennett goes so far as to say, “I will zero my mind out. I will be singing la la la in the back of my head.” For best practices, Bennett says that industry must come armed with knowledge directly associated to the area they are looking to support.

Read more of this post

%d bloggers like this: