Cybersecurity

Patching your cybersecurity foundation

gloved hands

All too often, an organization's focus on cybersecurity looks outward to external threats, solutions and guidance. But the real problem might not only be inside, but within the organizational structures that comprise an agency's operations writ large.

While the insider threat is a hot topic and a very real concern, it is the division between internal teams – specifically the IT and information security operations teams -- which can allow the opportunity for insiders to go bad. Combined with a lack of awareness or support at the top, the fractured approach can equal a cracked cybersecurity foundation.

"There is a disconnect between the C-suite staff, those business managers, the IT staff and the information security staff," said Rich Cespiva, assistant professor of cyber at the information and integrated operations department, part of National Defense University's iCollege "Does your information security team have an understanding of your organization that actually rivals what your C-suite staff and higher-level managers have? Because having an understanding of what your agency does and how it does it leads to an enhanced and protected posture."

Cespiva spoke Oct. 16 at an FCW-sponsored cybersecurity event in Washington, D.C.

Having those teams operating in separate silos can be costly from a security and financial standpoint, particularly when a single cyberattack can end up costing an agency millions of dollars. It is a risk that continues to grow as increasingly high-tech solutions are introduced and systems become more interdependent amid shared services.

Information security and IT operations "being disconnected ultimately leads to lapses in security and puts data and systems at risk," said Sanjay Castelino, vice president of market leader network management business at SolarWinds Inc., an IT management and monitoring software firm. "This is not a new risk, but as systems have grown more complex, the risk of [information security and IT operations] running from different sets of data, viewed through the lens of different systems, can make it harder to identify threats and address them in a timely manner."

Central to the issue is the ease of accessing and sharing data that is critical to enterprise security, including what is happening on the organization's networks. Conventionally that data has been used to monitor network availability and performance, but exploiting it for security and forensic uses can better secure the network, Castelino noted.

The goal is to have all the data collected available to both IT and information security operations as common tools, allowing for more of a continuous-monitoring approach.

"Talking the same language, seeing the same data – that wasn't always the case in the past," Castelino said. "That's a big shift. It means there are efficiencies gained because you're not either buying or building completely disparate separate systems, you're investing together in solutions that will help access shared data."

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.