Since its inception in 2013, the federal government’s Continuous Diagnostic and Mitigation program (CDM), led by the Department of Homeland Security, has helped agencies discover up to 50 percent more assets inside their systems than they were previously aware of. And they’re able to do it in real time.
The TAA system, part of Symantec’s Advanced Threat Protection product, cuts hours of human analysis out of the process through automation and machine learning.
Jim Walker, director of public sector marketing for UiPath, said 25-to-30 agencies already are taking advantage of RPA to automate menial, repetitive tasks.
Chris Townsend, the vice president of federal for Symantec, said it’s time for agencies to drive that complexity out of their cybersecurity environment and move to a more standard approach.
Randy Wood, vice president of U.S. public sector sales for Akamai, said zero trust is not a new idea, but one that is about five years old. It promotes the simple concept that trust is not an attribute of location, and just because an employee is trusted inside perimeter, it doesn’t mean he or she should be granted access to all the information.
Jeff Reilly, the senior director of the America’s commercial presales for Dell EMC, said SDN lets agencies move faster and become more agile by redefining their infrastructure.
Ellen Sundra, the vice president of Americas systems engineering for ForeScout Technologies, said, like most cybersecurity decisions, agencies need to balance risk and reward when it comes to IoT devices.
Bob Osborn, the chief technology officer of federal for ServiceNow, said agencies can take advantage of cloud in a secure way and reduce the time it takes to deliver mission critical services by accepting and using a hybrid, multi-cloud approach.
Gary DePreta, the area vice president for defense, intelligence and aerospace at Splunk, said many of these challenges can be reduced if agencies and organizations better understand the data around their cyber threats and vulnerabilities.
Red Hat and other open source companies work closely with the National Institute of Standards and Technology (NIST) using the secure content automation (SCAP) protocol to automate security controls, the General Services Administration’s 18F organization on configuration lockdown.
Brad Montgomery, the director of presales engineering for Dell EMC, said hackers are attacking public and private sector organizations for their data more aggressively than ever.
Tom Topping, the senior director of strategic programs for FireEye, said agencies need to understand their risks and use cyber threat intelligence to better mitigate them.
Paul Battaglia, the vice president of federal sales for Blackberry, said agencies need extra layers of security to protect mobile devices and the data that resides on them.
Dan Carayiannis, the director of public sector for RSA, said there is an emerging concept across both the public and private sectors where organizations are focusing on digital risk management.