by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : May 2016
HIS TEAM STOPPED A SECURITY THREAT NO ONE ELSE SAW. HOW? HE’S NOT TELLING. © 2016 Splunk Inc. Get Splunk’s analytics-driven enterprise security through Carahsoft. Learn more at carahsoft.com/innovation-splunk Splunk® solutions give security teams visibility across the infrastructure so they can quickly detect and contain malicious activity before it becomes a breach. Government security experts use Splunk software and cloud services to protect their organizations, but only a few of them will talk about it. sp-publicsectorad-full-page-8x10.75_NewCTA_Final-V2.indd 1 4/15/16 2:38 PM U . S. GOVERNMENT organi zations are prime targets for advanced cyber threats. Over the past two years, attack- ers have targeted agencies across the federal landscape—civilian, defense and intelligence. Some attacks left a bigger ma rk than others; na mely the high-profile breaches against the Office of Person nel Management. The attention cybersecu rity incidents are gaining is causing government CIOs and agency leaders to reexami ne their secu rity practices. Tony Scott’s “cybersecurity sprint” last summer jump - started the discussions, but the strategic evaluation of how agencies approach and ma nage cybersecu - rity is ongoing. The first piece of this is to understand the reality of the current government environment. The threat landscape is more complex than ever. Not only are there more external threats from determi ned and sophisticated attackers, but the challenge of insider threats is also rising. The Office of Management and Budget just released its annual Federal Information Security Modernization Act (FISMA) report. There was a 10 percent increase in cybersecurity incidents from 2014 to 2015. So while federal leaders are undoubtedly paying more attention to security, the number of security incidents continues to climb. The greatest obstacle agencies face is their IT systems a nd applications a re still siloed. T here is limited collaboration and communication between the teams ma naging these assets. Ultimately, what security teams and CIOs need most is enhanced visibility into what’s happening across systems a nd networks. A nalysts need the analytics capabilities to provide valuable, real-time intelligence where it’s required. To achieve an effective analytics-driven approach to security, agencies must understand all data is security relevant. Leveraging the power of machine data analysis, which includes records of activities and behaviors involving users, transac- tions, applications, servers, networks and devices, is a comprehensive approach to this challenge. Viewing information as individual, siloed data sets may not provide much value, but bringing that data together to provide an enterprise-level picture is ext remely valuable for decision makers. Embracing a machine-data, analytics-driven approach doesn’t just help with security. It also enhances agencies’ abilities to address IT oper- ational challenges and improve citizen services delivery. If a system or process isn’t performing well, it’s imperative to identify the issue and take steps to ensu re the problem is solved. Not only is this important from an efficiency and operational perspective, but it also affects security. IT moderni zation is critical to addressing cyber- security. Many of the vulnerabilities government agencies face today are the result of outdated, legacy technology. This is undoubtedly a big rea- son why the administration included a $3.1 billion IT modernization fund in the budget proposal submitted to Congress in February. That’s on top of the $19 billion that was budgeted specifically to address cybersecu rity. The government’s Continuous Diagnostics and Mitigation (CDM) program is a promising initiative for improving the overall government cy- bersecurity posture. CDM will deliver comprehen- sive risk and security ma nagement capabilities to agencies through a diverse set of solutions, helping agencies achieve comprehensive, single-pane of glass visibility across their environment. With that enterprise capability, CIOs and security teams can gather real-time insights to quickly and effectively respond to potential threats. This will help reduce the risks for agencies and departments. New cyber threats emerge every day. Mali- cious actors will continue to seek out vulnera- bilities to infiltrate agency networks and access sensitive information. As these threats evolve, government agencies, in collaboration with in- dustry, must continuously seek to enhance and adapt their cybersecu rity measures to combat adversaries. Kevin Davi s is Vice P resident of Public Sector, Splunk. KEVIN DAVIS VICE PRESIDENT OF PUBLIC SECTOR, SPLUNK SECURING THE GOVERNMENT Cyber threats are on the rise, so government agencies must prepare and defend. S-22 SECURING THE ENTERPRISE SPONSORED CONTENT
March and April 2016
June and July 2016