Cyber Security’s Night Cap

What keeps agency leaders up at night? After locking their own doors, do their minds turn to securing their agency networks in a tough budget environment? We are living in an age where doing more with less has become the norm rather than the exception. How to maintain secure agency networks in this environment has many federal leaders’ minds racing.  

For those who are losing sleep over the issue, the good news is cyber security doesn't have to take a hit when your budget does. Here are a few tips to help boost your security posture and rest at night:

1. Think about security in a new way. Consider everywhere you can focus on security. Within your agency, make sure security needs are integrated and working hand-in-hand with traditional IT. Then it's easier to move to the next step of collecting data from non-traditional data sources.

2. Collect information from systems about processor utilization, power consumption, disk space, memory utilization logs from storage systems, and other sources of information on the network. This will give you your baseline. Once you have established this baseline, it will be easier to highlight anomalies on the network which could reveal a security breach.

3. Assign weights to resources within your network – not just network devices such as switches and routers, but critical sources of data like databases or SharePoint sites. Then you can begin to assess the impact of an event on your environment and accurately assign resources to minimize the risk.

The goal is to move toward real-time situational awareness. By embracing a new approach to cyber security, you can increase your visibility into your risk posture without having to buy new products. This is made possible by collecting and analyzing data from resources you already have in your environment.

In the end, may this keep your cyber security worries out of sight…or at least for tonight.

Lee Vorthman, CISSP, Cyber Practice Lead, NetApp U.S. Public Sector

Check out how NetApp helps agencies’ rest easy in cyber security.


Good comments to go along with the new Cyber Security Executive Order.  Times are tough and we need to think about how we do with what we have.  I'm interested to hear how your thoughts on managing the bring your own device movement and how this is impacting security in agencies. 

vorthman Netapp Alumni

BYOD is a challenge every organization is facing - from the government to the private sector. The BYOD phenomenon is challenging for organizations because they no longer have direct control over the devices being used to access their network. This de-perimeterization requires organizations to prioritize their risk in terms of what level of access they will allow these devices to have and how much flexibility they are willing to tolerate with devices. At the very basic level security for BYOD is provided by VPNs, but this really only protects the transport layer (data across the wire) and does nothing to protect data stored on devices. For tablets and phones security is currently provided by apps and middleware - at least for the foreseeable future. These apps provide not only a secure transport layer back to the organization, but will provide an encrypted container that sanboxes and/or securely wipes all of the data on the device. For laptops, organizations will need to set appropriate policies requiring security. This may require enforcing software security and patch levels with network access controls, or requiring employees to have the IT function install basic security like an HBSS and full disk encryption. At the end of the day it comes down to risk - BYOD is convenient and offsets IT costs, but shouldn't be adopted at the expense of the organization's security.