IT and Threat Reduction Evolve Together
Fighting cyberthreats is a never-ending job. Whether it’s traditional ransomware or newer threats targeting 5G and internet-attached sensors, hackers continue to change their methods.
For federal agencies, keeping pace with cyberthreats isn’t the entirety of the battle. They also must comply with a growing list of regulations governing how to fight those threats. These dual challenges require a change in both the approach and technology agencies use to remain secure.
The variety of cyber incidents bedeviling federal organizations continues to grow. According to a recent report, government agencies have among the highest rates of breaches of any industry.
While ransomware and phishing attacks make up the majority of threats, hackers are changing their methods and introducing new types of attacks. They are using artificial intelligence and machine learning to continually change their code, making it undetectable, able to bypass filters and capable of hiding in everyday applications.
Hackers also are continually creating new types of malware, some of which have grown significantly over the past year. Fileless malware, which uses existing applications and protocols to deliver malicious payloads and infiltrate networks, is one of the fastest growing. Trend Micro reports that fileless attacks grew by 256 percent over the first half of 2019 alone.
IT modernization can inadvertently increase vulnerability. Newer technologies adopted by agencies to speed processes and improve productivity can be ripe for attacks. Internet-attached sensors, commonly called IoT (Internet of Things) devices, provide a large canvas for hackers to modify firmware and gain access, capturing data and infiltrating networks. IoT devices today can be almost anywhere in an agency’s environment — a Voice over IP (VoIP) phone, Wi-Fi printer, smart thermostat, network-attached storage device, or security camera. One report estimates that attacks on IoT devices tripled in the first half of 2019 alone.
Elsewhere, 5G wireless technology is overtaking the 4G mobile communications standard. The faster, advanced mobile technology is expected to support greater productivity, yet it also introduces risk. Its speed could induce workers to use it instead of an agency’s more secure Wi-Fi network. The subsequent loss of visibility could present an opportunity for hackers to launch man-in-the-middle or denial-of-service attacks, to find users’ locations or to hijack devices in order to steal services or data.
A different approach
Defeating increasingly sophisticated threats to security requires a proactive posture and a Zero-Trust approach in which an agency’s systems assume that no person or technology is trustworthy until it has been vetted.
“Zero Trust is not a device or specific product, but rather an approach to cybersecurity,” explains Michael Cappiello, senior federal inside solution architect at CDW·G. “The concept is that all users and devices should be validated constantly, even those already within the network perimeter.”
In today’s environment, the critical issue is visibility. Endpoints, including desktops, laptops, smartphones and tablets, can connect to workloads in the cloud from almost anywhere. As such, it is more critical than ever to always know what is connecting to your network. Newer technologies, such as next-generation endpoint detection and response (EDR), can improve visibility and take action once malware has gotten past endpoint protection. Not only can these solutions detect connected endpoints, they are also intelligent enough to understand what is normal and detect anomalies.
These technologies provide agencies with more control, as well. An old-style firewall may be able to see traffic coming in from an IP address, for example, but newer firewalls can determine the type of data contained within that traffic. Advanced solutions have more granular controls that allow agencies to specify what users can view and what should be prevented from entering the environment.
The variety of security solutions available to improve cyber-defenses can be overwhelming, and getting those products to work well together can be challenging. The key is understanding the current security posture and the desired improvement, and having a strategy for making it happen.
One way to acquire security products and services is through a proven federal contract vehicle like SEWP that encompasses every aspect of security, from security assessments to next-generation threat prevention tools to technical support. SEWP carefully vets its contract holders, providing assurance to agencies that they are working with security professionals who understand the federal technology market.
The vast array of cybersecurity tools available through the SEWP contract, CDW·G and proven vendors — along with installation services, technical support and extended service agreements — makes it possible for agencies to keep pace with changing security challenges.