by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : August and September 2016
SPONSORED CONTENT S-22 C YBER DEFENSE IS mission - critical for every public sector organi zation. Every federal, state and local govern- ment agency is responsible to defend security of data and IT systems in their care, and also to aid in the broader cyber defense of the homeland against disparate adversaries. Truly, the mission of cyber defense transcends government agency elements and organi zations. Unfortunately, government agencies have experienced painful episodes underscoring that this security vision has not been operationalized. Government organi zations are acknowledging the fact that they have not been fully effective at preventing or even reducing the impact of breaches in many respects. By-and-large, this failure is due to a continued focus solely on preventative approaches. These preventative and peri meter- based IT security systems – like all the castles built in history – are ultimately always breached. Throwing money at disjointed solutions (even if cutting edge or disruptively innovative) has not added to the safety and security of agency IT infra- structure or driven coherent cyber risk manage- ment and governance. Investments and capabilities in one area must be leverage-able and discoverable across the entire IT footprint. Unfortunately, many investments that have been made have not been integrated into the broader secu rity mission. The government agencies at all levels face motivated, agile, a nd well-funded adversa ries that want to cause significant harm. And in today’s world, they can. As the stakes in the battle have escalated, past models addressing cyber threats have, as noted, performed poorly in secu ri ng organizations from the threats they face. What’s needed is to fundamentally rethink the way that government agencies look at cybersecurity. The first step is driving operationally relevant cybersecurity. This requires that the cyber policies and goals that government executives make are integrated in day-to-day mission execution. Today, there is a profound disconnect in this area. To ad- dress the gap, agencies must obtain effective cyber command and control capabilities. There are three key focus areas to attain this state: 1. K now what’s happeni ng on your network, cloud infrastr ucture, and device footprint. Organi- zations need pervasive network visibility, f rom the endpoint to the cloud. This helps IT teams ma xi - mi ze the preventative power of peri meter tools and reduces the “dwell-time” of successful breaches. 2. Remove the blinders of silos and disjointed systems. For example, agencies must ensure that all monitoring teams from audit to security to HR can track, com municate, and defend across application, environ ment , a nd user device. 3. Deploy an effective identity management program. Minimize unauthorized access to devices and IT assets – with authentication capabilities that verify users with a high level of assurance, across a large range of devices and environ ments. There is no magic bullet or tool to winning in the cyber battle. That said, the three areas of cyber hygiene discussed above, if properly addressed, ca n deliver effective cybersecu rity. This is borne out in data repeatedly cited by the US Department of Homeland Security and GSA that estimates that 96 percent of breaches could be mitigated through competent cyber hygiene. Clearly this approach can have a substantial impact in the battle for cybersecurity across the public sector. The cyber battle is the fight of this era, and a mission that the government cannot afford to lose. Jacklyn Wynn is Vice President, Strategy and Market Development, Global Public Sector at RSA, the Security Division of EMC. JACKLYN M. WYNN VICE PRESIDENT, STRATEGY AND MARKET DEVELOPMENT, GLOBAL PUBLIC SECTOR AT RSA, THE SECURITY DIVISION OF EMC HOW TO GO FROM MISSION IMPOSSIBLE TO MISSION SUCCESS Government agencies need to rethink the way they look at cyber defense to ensure that cyber policies and goals are integrated in day-to-day mission execution. CYBER RESILIENCE
June and July 2016
October and November 2016