By Joe Kim, SolarWinds Chief Technology Officer
Before last year, I bet you never gave a second thought to Alexander Hamilton. However, a popular musical has brought the United States’ first Secretary of the Treasury to center stage.
Hamilton had some really great quotes. Here’s one of my favorites: “Safety from external danger is the most powerful director of national conduct.”
Hamilton wasn’t talking about cybersecurity, but his words are nevertheless applicable to the subject. As threats multiply and gain complexity, federal IT professionals are feeling the pressure and must take measures to protect their agencies from external danger.
Last year, my company, SolarWinds, issued the results of a cybersecurity report and survey that ascertained the level of concern amongst federal IT administrators about growing threats. Out of 200 government IT professionals surveyed, forty-four percent named threat sophistication as the number one reason agencies are more vulnerable today, while twenty-six percent noted the increased volume of threats as their primary concern.
Hamilton would tell you to take the bull by the horns. Agency IT administrators should take a cue from old Alex and adopt ways to address their concerns and fight back against threats.
The fight for independence… from bad actors
Every successful fight begins with a strategy, and strategies typically begin with budgets. As these budgets continue to tighten, agency personnel must continue to explore the most cost-effective options.
Software acquisition can be more efficient and budget friendly. Agencies can download specific tools at lower costs. Further, these tools are typically designed to work in heterogeneous environments. These factors can help IT managers cut through red tape while saving money.
The right to bear software
No revolution can be won without the proper tools, however. Thankfully, the tools that IT managers have at their disposal in the fight against cyber threats are numerous and powerful.
The primary weapon is security information and event management (SIEM) software. Automated SIEM solutions can help managers proactively identify potential threats and react to them as they occur. Agencies can monitor and log events that take place on the network—for instance, when suspicious activity is detected from a particular IP address. Administrators can react by blocking access to a user or device, or identifying and addressing policy and compliance violations.
These solutions have been successful in helping agencies detect and manage threats. According to our survey respondents, users of SIEM software are better able to detect, within minutes, almost all threats listed on the survey. Other tools, such as configuration management software that lets managers automatically adjust and monitor changes in network configurations, have also proven effective at reducing the time it takes to respond to IT security incidents.
Hamilton once said, “a promise must never be broken.” The promise that federal IT managers must make today is to do everything they can to protect their networks from mounting cybersecurity threats. It’s certainly not an easy task, but with the right strategies and tools, it might very well be a winnable battle.
Find the full article on GovLoop.