Tech Talk The latest news, reviews, and discussions for the IT professional.

Why State and Local Governments Should Worry About Foreign Threats

Why State and Local Governments Should Worry About Foreign Threats

“We’re facing an asymmetric and dynamic cyber threat landscape.” Says PCMG’s Chief Information Security Officer, Lauren Burnell.

A varied and diverse cyber landscape presents many challenges. Threats and motivations range from nation-state funded cyberespionage, cybercrime (like ransomware), and hacktivism, and attacks are made against everything from our critical infrastructure to IT supply chains. Burnell recommends framing cybersecurity into a broader conversation as it touches every piece of our ever-connected world.

“State and local are facing the same high-level challenges that Federal government and, more widely, enterprise and commercial are facing. The foundational challenges in cybersecurity are pretty universal across the board – the asymmetric threat, lack of skilled resources, and too many silos and alerts.”

One unique challenge facing State and Local governments is their responsibility for critical infrastructure. As smart cities grow and the internet of things expands the interconnected world you must be ever vigilant. “A street camera can now be leveraged as an attack vector into an internal network; this was not a problem you had before,” says Burnell. “There is a new level of ‘smart’ and connectedness to critical infrastructure technology and with it, new vulnerabilities.” Embracing new technology is important to improve the user experience of citizens and efficiency of government. “In cybersecurity, it is not possible to eliminate risk. Instead, we focus on mitigation and minimization of impact. There are always things you can do and best practices to follow to posture yourself for success.”

“A street camera can now be leveraged as an attack vector into an internal network; this was not a problem you had before.”

As a veteran of Cyberwarfare with the Navy, Lauren highlights the need for us to fundamentally change the way we approach cyber.

“It’s important to begin thinking about cyber as a warfare domain and weapon. We traditionally operated in air, sea and space. Cyber should rank equally among those. We have to start thinking differently about the way you secure information and technology.” Cyber is unique in that it touches all other arenas. Be it land, naval, or air: IT is an integral piece to every mission. “Whoever your warfighter is, whether they fight on the front lines or from behind a desk, are first responders, teachers, road crew and beyond – technology is vital to enabling the mission.”

A few weeks ago, 123 of D.C.’s 183 network video recorders were affected by ransomware, according to the  Washington Post. The hackers weaseled their way into the system the month before. 2 suspects in London were arrested.

Last month in Dallas, ransomware forced a local Police Department to erase servers containing eight years of evidence. The department’s automatic backup backed up infected files according to local ABC news. Rather than pay, the department wiped their servers clean. Many of the pending cases of which evidence has been lost are now in court much to the consternation of defendants and defense attorneys.

“If you have data – and every organization does – you should be concerned about cyber threats to include nation–state adversaries and advanced persistent threats. With increased sophistication from actors, we have to get smarter about how we defend.”

APT actors not only use technical vulnerabilities but adapt and exploit user behavior. “We need to put in place solutions that help us before, during and after an attack. Step one: know your network – you can’t defend a network you don’t know.” Burnell continues that we need preventative policy and access solutions that can give you in–depth knowledge of your networks and control over users and devices and access control. We further need deep inspection and content tools to block and defend during an attack. “Finally, we need advanced malware solutions – throughout the network and on endpoints – to ensure that in the event of an attack we can quickly identify, scope and remediate. An antivirus used to be good enough- it’s not anymore. True continuous monitoring and behavioral analysis are necessary to detect, contain, and recover when threats hit. Set yourself up for success ahead of time“states Burnell.

“An antivirus used to be good enough- it’s not anymore.”

State and local governments are expected to do more than ever with less. Lack of skilled IT resources necessitates smarter tools. A cumbersome multitude of systems leads to an uncoordinated alert overload. A never ending procession of updates to existing and new compliance measures further hinder agile methods.

To address the whole gamut of challenges think holistically about cybersecurity. This requires a shift in security solution procurement, Burnell continues. “Traditionally, organizations would invest heavily in a firewall for the network edge and not think about that ‘after’ stage. We need to look at the entire anatomy of a compromise BEFORE an attack happens to ensure we’re postured for success.”

PCMG is strategically focused on the mission. Our team of technology professionals, made up largely of veterans, understand federal government’s unique challenges. Cybersecurity is the cornerstone of our solutions portfolio of data center, networking, endpoints, cloud, consulting and managed services.

PCMG brings a depth of experience in information security design, management, and security risk analysis, along with certified and long-standing relationships with leading perimeter, infrastructure, and endpoint security vendors.  PCMG brings an arsenal of varying strategies and tools together to identify and assess the weaknesses in your network security. PCMG is leading industry’s response to IT Supply Chain Security and Enhanced Secure Mobility, and additionally offers risk, compliance, vulnerability and penetration assessments.

According to Burnell, the reality is you will be subject to a breach. The scope and damage of that breach are matched by an organization’s ability to meet potential disaster with peace of mind.