Tech Talk The latest news, reviews, and discussions for the IT professional.

Why State and Local Governments Should Worry About Foreign Threats

Why State and Local Governments Should Worry About Foreign Threats

A varied and diverse cyber landscape presents many challenges. Threats and motivations range from cyberespionage, ransomware, to hacktivism. Cyber attacks on everything from critical infrastructure to IT supply chain dominate news headlines. Lauren Burnell, PCMG’s Chief Information Security Officer, recommends framing cybersecurity in a broader context to encompass all facets of our increasingly connected world.

“We’re facing an asymmetric and dynamic cyber threat landscape,” says Burnell. “State and local governments are facing the same high-level challenges as Federal, and more widely enterprise and commercial. The foundational cybersecurity challenges are universal: asymmetric threats, lack of skilled resources, lack of collaboration, and alert fatigue.”

State and Local governments have a critical responsibility for infrastructure. As smart cities grow, the internet of things expands. State and local governments must be vigilant and have cybersecurity forthright in each implementation.

“Today, street cameras are attack vectors. This was just not a problem we had before,” says Burnell. “There is a new level of ‘smart’ and connectedness to critical infrastructure and with it new vulnerabilities.” Embracing new technology is important to improve user experience and government efficiency. Doing so safely takes tact and forthright thinking.

“In cybersecurity, it is not possible to eliminate risk. Instead, we focus on mitigation and minimization of impact. There are existing tools and best practices to posture an organization for success.”

A few weeks ago, 123 of D.C.’s 183 network video recorders were affected by ransomware, according to the Washington Post. The hackers weaseled their way into the system a whole month before launching the attack. The two suspects in question, were arrested in London.

Last month in Dallas, ransomware actors twisted the arm of a local Police Department. The department’s automatic backup failed to differentiate local versus infected files according to local ABC news. Rather than pay, the department wiped their servers clean along with eight years of evidence from infected servers. Many pending cases will need to do without that evidence; much to the consternation of defendants and defense attorneys.

“If you have data, and every organization does, you should be concerned about cyber threats; including nation–state adversaries and advanced persistent threats. With increased sophistication from actors, we have to get smarter about how we defend.”

A Navy veteran of cyberwarfare, Lauren encourages a fundamental shift in framing the cyber conversation. It’s important to begin thinking of cyber as a warfare domain and weapon. Traditionally, battles were fought in air, land, sea, and space. Cyber ranks equally among those yet unique in that it touches all areas. No matter the mission, be it Artillery or Maintenance Worker, IT plays an integral role.

APT actors not only use technical vulnerabilities but adapt and exploit user behavior. “We need to put in place solutions that help us before, during and after an attack. Step one is to know your network. You can’t defend what you can’t see,” says Burnell. Preventative policy and access solutions give in-depth knowledge of networks and control over user devices and access. Further, use of deep inspection and content tools block and tackle against an attack.

“Finally, implementation of an advanced malware solutions, throughout the network and on endpoints, ensure that in the event of an attack we can quickly identify, scope and remediate. An antivirus used to be good enough- it’s not anymore. True continuous monitoring and behavioral analysis are necessary to detect, contain, and recover when threats hit. Set yourself up for success ahead of time“ states Burnell.

State and local governments are expected to do more than ever with less. Lack of skilled IT resources necessitates the need for smarter tools. A precarious stack of systems leads to an uncoordinated effort and alert overload. A never ending procession of updates to existing and new compliance measures further sets back hope for agile methods.

To address these challenges look at cybersecurity holistically. Burnell suggests a shift in security solution procurement.

“Traditionally, organizations would invest heavily in a firewall for the network edge without consideration of the ‘after’ stage. To position for best possible outcome, look at the entire anatomy of a compromise BEFORE an attack happens.”

According to Burnell, the reality is you will be subject to a breach. The scope and damage of that breach is matched by an organization’s ability to meet potential disaster with peace of mind.

PCMG is strategically focused on the mission. Our team of technology professionals, made up largely of veterans, understand federal government’s unique challenges. Cybersecurity is the cornerstone of our solutions portfolio of data center, networking, endpoints, cloud, consulting and managed services.

PCMG brings a depth of experience in information security design, management, and security risk analysis, along with certified and long-standing relationships with leading perimeter, infrastructure, and endpoint security vendors. PCMG brings an arsenal of varying strategies and tools together to identify and assess the weaknesses in your network security. PCMG is leading industry’s response to IT Supply Chain Security and Enhanced Secure Mobility and additionally offers risk, compliance, vulnerability and penetration assessments.