by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : January and February 2016
It should come as no surprise that cybersecurity is the top priority of state CIOs around the country, and has been for the past several years. The National Association of State Chief Information Officers (NASCIO) recently reported this finding, which underscores the continued concern state and local governments have about the increase in cyber-attacks. These threats can and do affect the privacy and security of confidential data, as well as business continuity of government agencies. And the threats continue to spiral out of control. According to an October, 2015 report from Ponemon Institute, state and local government agencies experience data breaches approximately every twelve weeks. The threats are growing more sophisticated as well. Hackers no longer rely solely on tried-and-true methods like packet sniffing and password code cracking. They’ve added more complex threat signatures, such as cross-site scripting, distributed attacks, staging and advanced scanning. The Ponemon Institute report found that on average, federal agencies are better prepared to handle cyber-threats than state and local governments. More federal agencies have incorporated modern technology and processes like behavioral analytics, next- generation firewalls, big data solutions and intelligence sharing. Some states, however, have made significant progress. They’re an important model for other state and local governments. California is one of the most mature with a cybersecurity task force, the California Cybersecurity Integration Center, and the Cyber Incident Response Team. California also has a well-developed, comprehensive incident response plan. Still More to Do Despite pockets of progress, state and local governments still have alongwaytogo.Intheareaof incident response, for example, only 38 percent of state and local government organizations are confident they could contain a cyber-attack. That’s in contrast to 52 percent of federal agencies, according to the Ponemon Institute study. Effective incident response requires greater visibility and faster response than most state and local governments can currently manage. It also requires integrated state-of- the-art tools and capabilities. Integration is also critical to achieving visibility and faster response. It requires incorporating functions like analytics and visualization, along with intelligent packet capture and retrieval. Using an integrated set of tools and functions, agencies can better understand how long the organization has been under attack, how the attacker entered the network, and the extent of the damage. Using this strategy, Maricopa County in Arizona helped secure the data for its nearly 60 departments, while maintaining compliance with a host of federal and industry regulations. Using a combination of FireEye’s Email Threat Prevention (EX Series) platform, Network Threat Prevention, Host Prevention and Central Management platforms, the county was able to more effectively identify, manage and respond to threats in real-time in a fully automated fashion. • Sponsored Report Cyberthreat response rapid response Despite making progress, states and municipalities need better incident response capabilities. • When it comes to Incident Response, preparation is Key • Choosing the Service Approach to Incident response • A Multi-Pronged Approach to Preventing Cyber-Attacks • Fighting Cyber -Crime Requires More Than Just Tools Other Incident Response Articles Include: Go to GCN.COM/2016INCIdeNTReSPONSe Snapshot_FireEyeHP_GCN_Print_0116.indd 1 2/10/16 2:17 PM
March and April 2016