Top 5 information security challenges for US government agencies
Posted on 03 March 2009.
Cloakware identified the top five challenges facing federal agencies that expose them to critical security breaches. The list, compiled from in-depth conversations with industry experts and government agencies, outlines the most significant challenges facing federal organizations concerned with protecting the systems that support critical infrastructure (cyber CIP) while providing an operationally efficient environment.

With continuing reports of major security breaches and thwarted attacks at both government agencies and Fortune 2000 organizations, cyber security has never been a greater priority. Though confronting short-term economic and national defense concerns, newly elected President Obama has also ordered a 60-day review of the U.S. information security and cyber CIP policy. This call to action recognizes that a failure to implement proper security measures can facilitate internal and external threats to the confidentiality, integrity and availability of the nation's critical infrastructure.

In January 2009, the U.S. Government Accountability Office (GAO) published an update to the High-Risk Series (GAO-09-271) report outlining federal information and cyber CIP concerns. The report stated that protecting the federal government's information systems and the nation's critical infrastructure is a top-line challenge. It requires resolving identified deficiencies and fully implementing effective security programs.

In a concerted effort to comply with pending mandates from the new administration, Cloakware recognizes that government entities will be expected to implement solutions that address the following top cyber security challenges:

1. Cyber security as top-level priority - Earning cross-agency buy-in is critical for managing threats effectively, ensuring centralized and controlled access to vital information and systems.

2. Establishing and implementing consistent security initiatives - Mandating policies can be a complex and daunting task, but with insufficient processes in place to enable full accountability, agencies become susceptible to internal and external threats.

3. Preventing system disruption - Dynamic and complex technology environments, including virtualized, cloud computing or service-oriented infrastructures, make managing information access extremely difficult, requiring flexible controls and solutions to adapt and prevent interruptions - or worse.

4. Improving warning capabilities - Access to critical information assets must be monitored and managed intensively in all facets of the organization. Implementing proactive warning systems can circumvent critical incidents, limiting exposure to agency credentials and vital information that opens the agency to extreme governance risks both inside and outside its walls.

5. Strengthening incident recovery - While mitigating occurrences is the first line of defense, the ability to recover from incidents quickly without exposing critical information and access needs to be improved upon. When events do arise, privileged information and access are compromised without a disaster recovery plan in place.





Spotlight

Leveraging network intelligence and deep packet inspection

Posted on 26 November 2014.  |  Tomer Saban, CEO of WireX Systems, talks about how deep packet inspection helps with identifying emerging threats, the role of network intelligence, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Nov 27th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //