by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : July 2014
As the cyber threat landscape evolves, security methods and tools need to change, too. Gone are the days of defining an information technology system by identifying its boundaries and drawing a fence around it, said Ken Durbin, manager of the Continuous Monitoring Practice at Symantec Corp., during a June 10 webcast titled "Continuous Monitoring: Elevating Cybersecurity in State and Local Government." "Mobile devices and the cloud itself are making it a lot harder to define what the boundary of a particular IT system, so then how am I supposed to protect that?"Durbin said. "We should be moving away from checkbox com- pliance and actually using appliance mandates to actually improve your cybersecurity posture." To that end, continuous monitoring is a positive step. A continuous moni- toring solution involves deploying sensors to parts of your infrastructure that send status data back so informa- tion technology managers can spot suspicious activity. Symantec s products go a step fur- ther, however, by aggregating the col- lected data and making it useful. Parallel transformations Symantec has been transforming itself in line with what s happening in cybersecurity at large. Traditionally the company has developed and acquired state-of-the-art products. Over time, the need has arisen to integrate individual products using key functions. As a result, Symantec now focuses on two major areas: security, through its Unified Security Ecosystem, and information manage- ment, through Unified Information Management. "If you look at the federal govern- ment and what they re doing with continuous diagnostics and mitiga- tion, it s very much an attempt to break down the silos between the D D D D D DI I I I I IG G G G G G G GI I I I I IT T T T T TA A A A A AL L L L L LD D D D D DI I I I I IA A A A A AL L L L L LO O O O O O O OG G G G G G G GU U U U U UE E E E E E CONTINUOUS MONITORING TO ACHIEVE CYBERSECURITY Symantec offers products that not only collect data from sensors but aggregate it to make the information useful. SPONSORED CONTENT Highlights from a recent webcast on cybersecurity PLUGGING INTO NIST'S FRAMEWORK NIST's Cybersecurity Framework, released in February, aims to help organizations improve or start cybersecurity efforts. It breaks down cybersecurity into five areas---identify, protect, detect, respond and recover---with subcategories and a list of the con- trols that apply to them. For example, if your agency is NIST 800-53-compliant, managers can see in the Informative Resources section the controls that satisfy that for a given category. "The goal was---and they achieved this goal---they didn't want to create a single new control as part of the Cybersecurity Framework," said Ken Durbin, manager of the Continuous Monitoring Practice at Symantec Corp. "Because of that, it's a tool that truly helps organizations." Symantec's solution includes the framework in its controls library for additional ease of use and as a way for organizations to see how they're stacking up against the guidelines. "We've also indicated where we don't have a framework that fits that individual framework control," Durbin added. If all continuous monitoring means to you is deploying sensors to eliminate top causes of suspicious activity, you're on the right track, he said. But to really stay ahead of threats in an ever-evolv- ing environment and be ready to respond to breaches, Symantec's aggregation layer is a differentiator to consider." LISTEN/LEARN: For a replay of the webcast, go to: GCN.com/2014ContinuousMonitoring