The concept of “threat hunting”

Best listening experience is on Chrome, Firefox or Safari. Subscribe to Fed Tech Talk’s audio interviews on Apple Podcasts or PodcastOne

When it comes to ransomware, many federal agencies think they are immune. After all, what kind of financial commitment can a federal agency make to a mysterious bitcoin account? Well, look again.

A typical federal agency has a treasure trove of data that an attacker may want. Shawn Henry, chief security officer and president of Services, and Drew Bagley, vice president & counsel, Privacy & Cyber Policy at CrowdStrike, join host John Gilroy on this week’s Federal Tech Talk to give federal listeners an idea of what can happen in a ransomware attack.

(L-R) Shawn Henry & Drew Bagley, CrowdStrike

What is new in this interview is the concept of threat hunting. Henry has said that the failure to hunt will result in a lack of detection. In other words, a federal agency should have a great defensive posture; however, both Henry and Bagley agree that there must be a proactive component in your cybersecurity preparation.

Some have called this a “managed hunting service” that includes social engineering to stop breaches.

If you are interested in pursuing this defense/offense concept for your agency, Crowdstrike has an annual public sector conference called Fal.com.

Comments

Federal Tech Talk

TUESDAYS at 1:00 P.M.

Host John Gilroy of The Oakmont Group speaks the language of federal CISOs, CIOs and CTOs, and gets into the specifics for government IT systems integrators. Follow John on Twitter. Subscribe on Apple Podcasts or Podcast One.