Thursday, 16 February 2012

Commentary: Cybersecurity requires buy-in from the top

Successfully securing networks against cyber threats requires support from the top -- not only from the IT staff, but from C-level executives as well. Network monitoring, patching or purging outdated software and hardware, communications, and coordination are essential for good risk management policies and practices.
A recent seminar sponsored by immixGroup, Bit9, Hewlett-Packard Enterprise Security, and Sourcefire featured cybersecurity experts from government and industry who explored the factors that contribute to a federal agency's ability to assess and anticipate threats as well as mitigate risk.
To start with, agencies must "push cybersecurity ownership up" the management ranks within the organization, said Gil Vega, the Energy Department's associate chief information officer for cybersecurity and chief information security officer. At Energy this meant creating a risk management executive body that included senior executives and undersecretaries. Initiating meaningful cybersecurity practices required sharing the responsibilities of risk management decisions, Vega said.
He recommended taking inventory of endpoints and patching applications and operating systems. Network surveillance and incident response are critical activities as well, he noted. Sharing information is vital. Energy distributes threat information departmentwide and a joint cybersecurity coordination center ensures appropriate communication among the stakeholders.
Energy is implementing a number of lessons learned from previous cyber event experiences:
-- Avoid putting too much stock in a layered defense or a multilevel security environment. Let go of "minority technologies" that are languishing and creating vulnerabilities.
-- Monitor cyber events around the clock. Most occur over long holidays, Vega said, leading him to "rue holiday weekends."
-- Maintain core forensic capabilities.
-- Keep a senior project manager on response teams to help coordinate all activities. This improves response times.
-- Be prepared to call for help from bureaus and other agencies. Don't be afraid to acknowledge that there has been an attack. Use this communication to gather the necessary resources.
-- Develop an emergency communications continuity of operations plan. This will enable you to talk, coordinate and collaborate effectively across long distances in the hours and days following a major event.
