by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : January and February 2017
are protected from cyberthreats. This lack of confidence largely stems from the use of emerging technologies like cloud and Internet of Things (IoT). Another reason government officials aren’t as confident as they should be is because agency networks have grown and changed. They’ve added network security technologies at different points to address different threats. According to a recent CSO report, an average of 89 different vendors accessed the average organization’s network every week. 3 And only one-third knew the exact number. With that many disparate security solutions, it’s difficult to find sufficiently knowledgeable personnel. It’s also difficult to manage and easy for vulnerabilities to fall through the cracks. “ You can’t take a piecemeal approach to security today,” says Peter Romness, Cybersecurity Solutions Lead for the Public Sector at Cisco Systems. “ You have to look at everything holistically—as a risk- based decision, just like any other business decision.” To maintain optimal effectiveness, network security today must be simple, open and automated: Simple: Easy to deploy, manage and scale. Easy to understand and act on the output of cybersecurity solutions so that threats can be detected and remediated quickly. Easy to insert into existing environment while minimizing network impact. Open: Use open standards and APIs to ensure products interoperate. One example is Cisco’s Platform Exchange Grid (pxGrid), a multivendor, cross-platform language that lets a set of APIs remain the same from product to product. If Cisco or any other company writes to those APIs, it will work with pxGrid, as well as all other solutions. SPONSORED CONTENT “You can’t take a piecemeal approach to security today, you have to look at everything holistically—as a risk-based decision, just like any other business decision.” EXECUTIVE INSIGHTS The Cybersecurity Workforce Problem According to the 2016 Deloitte-NASCIO Cybersecurity Study, more than half of state and local agencies say there aren’t enough cybersecurity professionals to satisfy their requirements. The study also found 56 percent of the cybersecurity professionals on staff had competency gaps. The same is largely true in federal government. These issues are the result of demand from other agencies and the private sector, and because our schools can’t train them fast enough. Again, NIST comes to the rescue with its NICE Cybersecurity Workforce Framework4, a national initiative for cybersecurity education. This new approach not only defines the different cybersecurity roles agencies require, but explains the knowledge, skills and abilities required to fulfill each role. The NICE Cybersecurity Workforce Framework is an excellent companion resource for the NIST Cybersecurity Framework, says Cisco’s Steve Caimi. “The Cybersecurity Framework addresses the essential people, process and technology controls, but it does not discuss the roles or skills you need to accomplish all that’s required,” he says. “That’s where the Workforce Framework comes in. It addresses the specific knowledge, skills, and abilities that an effective cyber workforce really requires.”
October and November 2016