BreachExchange mailing list archives
DHS cyber security turning focus to insider threats
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 6 Jan 2014 17:52:55 -0700
http://www.merlin-intl.com/dhs-cyber-security-turning-focus-to-insider-threats/ DHS cyber security efforts have recently shifted to rooting out insider threats. To this end, it may invest in continuous monitoring systems and harden the access controls on administrator accounts. At the same time, the Department of Homeland Security is keen to consolidate its data centers and upgrade its network infrastructure to handle demand from new endpoints. Government IT acquisitions in 2014 will be driven by the need to protect assets from anexpanding range of threats. According to Federal Times, DHS agencies are purchasing network scanners as part of the the department's $6 billion cyber security contract, and while the current focus of this strategy is on guarding against external attacks, insider threats are increasingly on the radar. DHS Federal Network Resilience director John Streufert stated that the department is seeking to automate the control of administrator privileges on the network. Doing so will be an important part of preventing incidents like the data leaks that recently affected the National Security Agency. Still, maintaining and improving cyber security could be challenging at a time when budgets are flat or declining and IT systems are becoming increasingly complex. On top of that, agencies are under pressure from data center consolidation mandates. Writing for National Defense Magazine, Stew Magnuson explained that DHS is tackling a lot of issues at once, including consolidation and insider threat mitigation. It isn't alone: Nearly eight in 10 federal IT managers recently surveyed by Brocade expected cloud computing, cyber security issues and big data projects to create burdens that their current infrastructure couldn't handle. Agencies will need new network performance management solutions to get the most of their new projects. Big data and social media initiatives could help them keep tabs on possible rogue threats, but they will require modernized, resilient IT infrastructure to really take off.
_______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss For inquiries regarding use or licensing of data, e-mail sales () riskbasedsecurity com Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security offers security intelligence, risk management services and customized security solutions. The YourCISO portal gives decision makers access to tools for evaluating their security posture and prioritizing risk mitigation strategies. Cyber Risk Analytics offers actionable threat information and breach analysis.
Current thread:
- DHS cyber security turning focus to insider threats Audrey McNeil (Jan 07)