By Omar Rafik, SolarWinds Senior Manager, Federal Sales Engineering
Here’s an interesting article on defending against foreign hackers. If you give an IT pro the right training and tools, there’s no question that they’ll be better prepared.
Cybersecurity has become a hot topic of conversation. From Facebook to DHS, both private and public organizations have become extraordinarily cognizant of the potential threats posed by external hackers.
Last year, Director of National Intelligence Dan Coats sounded the warning bells. In his Worldwide Threat Assessment of the U.S. Intelligence Community, Coats wrote:
“The potential for surprise in the cyber realm will increase in the next year and beyond as billions more digital devices are connected—with relatively little built-in security—and both nation states and malign actors become more emboldened and better equipped in the use of increasingly widespread cyber toolkits.”
Meeting these challenges may be difficult, but not impossible.
By focusing on people, technology, and planning, federal network administrators may get a better handle on their networks, while strengthening security policies that can keep the bad actors at bay.
Hire the Right People, and Train the Ones Already in Place
Hackers are smart. They learn from being deterred.
It’s extremely important that agency personnel are continually trained about hackers’ latest exploits. This knowledge can be critical to detecting and reacting to potential threats.
Agencies should make investing in ongoing security education and training a top priority.
IT teams should also proactively use and scour all resources at their disposal—including social media channels, networking groups, and threat feeds—to keep up to speed on hacker activity, malware, and more.
Arm Employees With the Proper Tools
Today’s defense agencies are dealing with massive amounts of data, thousands of connected devices, and private, public, and hybrid cloud infrastructures. Manual monitoring approaches and traditional tools will likely be ineffective in these environments.
Effective federal security and network monitoring go hand-in-hand with solutions that can automatically scan and respond to potential anomalies, wherever they may be. For example, if an application becomes compromised, it can be difficult to trace the problem back to its source, particularly if that application exists within a hybrid IT environment.
Teams need tools that provide deep visibility into the entirety of their networks, so they can locate and quickly correct the issue before it becomes a critical problem. Agencies also need a means of tracking devices as they appear on their networks. If a rogue or unauthorized device attempts to access the network, administrators can track it directly to its user.
That user could be a member of a foreign hacking group, or a bad actor who obtained a DoD employee laptop that may have been erroneously left behind. Without the proper tools in place, there may be no way to know, and certainly no way to immediately block the device or shut down network access privileges.
Develop—and Continuously Update—Security Strategies
A strategy shouldn’t simply be bullet points in an email, but a well-formulated plan that outlines exactly what steps should be taken in case of a breach.
The security strategy should also be continually updated. Threats do not stand still; neither should security plans.
In addition to their daily checklist of action items (log reviews, application patching, etc.), IT teams should plan on testing and updating their security procedures on a regular cadence—annually, at minimum, if not more frequently.
By building a powerful combination of the right people, the right tools, and the right strategies, defense agencies will be well equipped to combat these new threats.
Find the full article on American Security Today.
The SolarWinds trademarks, service marks, and logos are the exclusive property of SolarWinds Worldwide, LLC or its affiliates. All other trademarks are the property of their respective owners.