For years, government agencies have poured a great deal of money and resources into finding an efficient way to view activity across their networks.
I saw that first-hand during my tenure in government and my work over the years helping to shape national cybersecurity policy. Despite efforts to readily identify cyber risks, achieving an effective common operating picture continued to prove difficult at many agencies, and having a consolidated view of vulnerabilities and threat activity moving within and between networks was a major operational challenge. When I retired from government at the end of 2018, our Security Operations Centers still tended to coordinate cyber incident response and tracking of malicious activity through conference calls rather than synchronizing awareness and action in an automated fashion. This is a serious impediment when you are trying to counter criminal and nation-state actors moving at machine speed!
Jim Richberg, Chief Information Security Officer, Fortinet Federal
I recognized that part of the problem was due to the complexity and age of agency systems as well as the challenges of the federal budget cycle, but I also felt that the cybersecurity technology to enable integrated situational awareness and automated response must not exist. My view on that has changed, however, since leaving government and discovering that, in fact, the private sector had already come up with a solution — and is deploying it commercially.
From an agency’s point of view, I understand that IT leaders have to balance the risks of security threats with the day-to-day demands of keeping networks operating despite limit ..
Support the originator by clicking the read the rest link below.
