Defense and intelligence community leaders working to improve security resilience and remain operational during disruptions should consider the full capabilities of next-generation firewall (NGFW) solutions, says a new report produced by Scoop News Group, for FedScoop, and underwritten by Cisco.

Because organizations have acquired separate security tools over time, they have added a lot of complexity to their suite of solutions. NGFW can now provide interconnectivity between firewalls, intrusion detection systems, intrusion protection systems, workload security, endpoint security, threat intelligence and encrypted traffic analysis.

“I remind people that there are over 3,100 U.S.-based security vendors — tens of thousands across the world — and while I will never argue against the necessity of a security tool, I do stress that at some point, these innovations need to either work with something else or be bought by somebody,” explained Chris Crider, security systems engineering leader at Cisco. “At some point, leaders have to make choices on how to best implement security in their environment.”

DOD and IC communities aren’t alone in this challenge. A recent study, produced by Scoop News Group, asked 165 prequalified federal leaders about the state and strength of their current security posture.

More than half (55%) of respondents reported that their security tools function moderately to completely independently from their suite of solutions. And 33% said their organization uses between 11 to 40 different vendors across their security technologies, while 11% use more than 50 security vendors.

But changing the way organizations defend the perimeter is a sentiment that defense leaders are echoing. In a recent FedScoop interview, James “Aaron” Bishop, CISO for the Department of the Air Force, spoke about the challenges of defining the network perimeter and how the Air Force is securing their substantial IT environment.

Bishop referred to the Air Force as operating “150 little cities around the world,” which encompasses a vast IT infrastructure with technology running on different lifecycles that need to be upgraded, maintained, patched and replaced.

“But as a warfighting mission,” he explained, “I also have to extend that capability beyond that base. So now my networks have to go into expeditionary communications, extended aerial networks, etc. Now I need to understand where that perimeter is, where do I protect it [and] where do I pass it on to the next environment that may or may not be there today or tomorrow?”

Leaning into NGFW allows organizations to adopt dynamic packet filtering and policies that travel with applications as they move across a global infrastructure.

“That means that DOD and IC organizations can build and implement policies and additionally utilize security group tags to specify the privileges of a traffic source within a trusted network. Then migrate into any cloud to provide services globally and take the analytics and logging to monitor traffic with a single pane of glass,” added Norman St. Laurent, cyber security specialist at Cisco. “With NGFW, organizations can always monitor what is happening on the network, have a holistic view of activity and full contextual awareness to see threat activity across users, hosts, networks and devices.”

The first important step is finding the right partner to begin integrating security solutions. According to Gartner, organizations should look for some of the following key capabilities when implementing an NGFW:

• Standard firewall capabilities like a stateful inspection.
• Integrated intrusion prevention.
• Application awareness and control to see and block risky applications.
• Threat intelligent sources.
• Upgrade paths to include future information feeds.
• Techniques to address evolving security threats.

Read the full report and learn more about integrating a firewall solution that will adapt to your organization’s evolving network needs.

This article was produced by Scoop News Group, for FedScoop, and sponsored by Cisco.

The post Building security resilience across global missions with next-gen firewalls appeared first on FedScoop.

Across the street from a classically-designed federal building on the outskirts of Washington, D.C., stands the newest iteration of a familiar 21st-century icon — the ubiquitous cell tower. This one, like a growing number now facilitating communications across the country, provides high-capacity, high-speed 5G wireless capabilities.

The promise of 5G has become a reality for many nationwide. However, for employees inside many federal government buildings, high-capacity wireless technology, including 5G, remains frustratingly out of reach. It’s not that their cell phones and laptops don’t work with 5G. It’s that many federal buildings were designed for security and a different set of needs — often requiring copper-meshed windows and thick concrete walls to counter eavesdropping and contain internal communications.

It wasn’t that long ago that the majority of data traffic in a typical federal office moved through wired networks. Today, thanks to the evolution of smartphones and laptops, as well as the sudden necessity to support a mobile workforce during the pandemic, federal workers have become reliant on seamless wireless access.

In fact, 93% of employees at one federal agency we work with now receive and read their email first on a mobile smartphone—a dramatic change from just a few years ago.

And it’s not just the way federal employees work. It’s the way federal agencies increasingly need to operate.

Efforts to control building expenses across the federal government’s vast real estate footprint have driven the need for intelligent building capabilities using sensors and IoT devices. Military bases, meanwhile, are making significant investments in their warehouses and other structures on IoT sensors and related systems to track critical inventory and logistics information in real time. All of those capabilities require essential and ubiquitous wireless connectivity.

While the cost of retrofitting federal facilities to accommodate modern wireless communications, including 5G, is not incidental, the good news is that the evolution and lowering costs of small-cell and in-building Ultra-Wideband technology makes ubiquitous, seamless and secure wireless connectivity more accessible than many might think.

And for government agencies, it can also help solve the often complex architectural and security requirements of most federal buildings and facilities.

While small-cell and distributed antenna systems have proven they can deliver reliable wireless data and video service for tens of thousands of fans at today’s leading sports venues, they are proving equally useful in retrofitting the labyrinth halls of the U.S. Capitol building, where historical design considerations dictate special considerations. The same technology could be used to facilitate ubiquitous wireless connectivity across university and office campuses.

More than that, though, 5G can also provide critical security benefits.

5G networks use end-to-end encryption to protect federal data, making them safer and more secure than Wi-Fi systems. They also provide greater protection, with enhanced security features, for relaying IoT data. Combined with wired networks, they enable greater authentication and authorization protocols to prevent unauthorized access.

Even if your agency isn’t ready to upgrade its communications or retrofit your facilities, agency leaders, IT directors and facilities managers would be well-served to consider how low-, medium- and high-band 5G creates new options for how office spaces are designed and supported in the future. In many cases, the communications infrastructure considered modern a decade ago will become outmoded by 5G’s capabilities.

It’s not too soon to start planning, especially as agencies continue to grapple with attracting and retaining today’s mobile-centric workforce who expect seamless wireless communications wherever they work. We can help with that planning, including assisting that one building in Washington to connect to Verizon’s 5G network.  

Learn more about how Verizon can help your agency capitalize on today’s 5G capabilities.

The post Bridging the wireless gaps: Why ‘in-building’ connectivity is crucial for federal agencies appeared first on FedScoop.

The post The power of the cloud to aid service members in their transition to civilian life appeared first on FedScoop.

The post Ethical AI frameworks are crucial to reducing biases, says former Navy CIO Aaron Weis appeared first on FedScoop.

According to CISA, “the team gained persistent access to the organization’s network, moved laterally across the organization’s multiple geographically separated sites, and eventually gained access to systems adjacent to the organization’s sensitive business systems (SBSs).”

The initial access was gained through spearphishing emails — also known as business email compromise (BEC) — which targeted specific users in the organization.

Security leaders from Proofpoint walked us through these report findings and detailed why identity-focused attacks remain the most vulnerable entry point to an organization, in a recent report, “Putting Federal Security Controls to the Test,” produced by Scoop News Group for FedScoop, and underwritten by Proofpoint.

“There are a lot of different ways threat actors can get that initial access [into a network],” shared Garrett Guinivan, solutions architect and threat analyst at Proofpoint. “And often what leaders don’t realize is the high number of threats coming in via email.”

Once an attacker has access, many organizations don’t have the tools to alert them that they are inside their environment. The danger here is that an attacker can maintain persistence in the network, gather information, escalate their privileges and move laterally across the network until they are ready to launch their attack.

Hanna Wong, director of public sector solutions at Proofpoint, added, “cyberthreat actors are getting more creative with their attacks on people and using modern tools to obfuscate their activity. So, it is incredibly important that federal leaders integrate security solutions that are impactful and take the agency beyond meeting minimal compliance.”

This is where establishing identity threat, detection and response (ITDR) practices can be helpful. ITDR focuses on detecting and preventing credentials and privilege account abuse from vulnerable identities in an organization. ITDR also deploys honeypots for early detection of an attack, giving defenders an edge in learning more about a threat actor’s techniques.

“ITDR platforms like Illusive, Proofpoint’s new acquisition, make it harder for an actor to move inside a network and provide an organization with both the visibility of risks that need to be remediated, in addition to providing alert mechanisms that make it harder for attackers to maintain a persistent presence or escalate their privileges,” explained Guinivan.

“Having accurate data of where your biggest threats are, and your true threat model, are ways we can help executives better understand where they need to invest their security resources,” he said.

Read the full report and learn more about integrating solutions that protect people and data from the latest cyberattacks.This article was produced by Scoop News Group for FedScoop and sponsored by Proofpoint.

The post Identity-focused attacks remain the most vulnerable entry point to an organization appeared first on FedScoop.

In a new video series, government leaders shared how their organizations are keeping pace with security demands. The series, “Security Heroes: Defending the Dynamic Perimeter,” was produced by Scoop News Group, for FedScoop, and underwritten by Cisco.

A modern, or hybrid, network perimeter should now include next generation firewalls, policy enforcement points and capabilities like zero trust exchanges, according to Bobby Holstein, zero trust architect for the Bureau of Labor Statistics.

“It’s not the volume of traffic that’s increasing per se, but the complexity. Operations departments will need to increase visibility into these complex traffic flows to be able to monitor performance. And this new secure sharpened edge that’s replacing this [traditional] firewall perimeter needs to be able to inspect SSL traffic for malicious content,” he explained.

Aaron Bishop, CISO at the Department of the Air Force, echoed that sentiment, adding that modernizing perimeter defenses aligns with both cloud and zero trust architecture strategies.

“Firewalls and packet inspection is a key aspect to layers in defense,” he says and determining where the boundary lays “is now the question of the hour” for most leaders.

“I challenge all of my authorizing officials to look at where’s the boundary I’m trying to protect and where is the data that I’m protecting within it. If I need to move that data, I need to understand where that protections go with that data,” shared Bishop.

Many of the government leaders interviewed in this series said that new perimeter defenses need to be more agile to enforce policies across modern infrastructure that includes micro-segmented workloads, encryption needs for data in transit and capabilities like secure access service edge.

Peter Romness, cybersecurity principal, CISO advisors’ office at Cisco, refers to modern firewalls as “security facilitators.” He explained that they have “become a container for security tools—things like antivirus, intrusion protection, improved intrusion detection. And they also facilitate behavioral monitoring to look for anomalies and known bad behavior. They also provide the ability to have a security tunnel to all of your endpoints and all of your assets in the multi cloud environment.”

Additionally, security defenses need to work at speeds that accommodate the increased volume of traffic, and the need to encrypt, decrypt and analyze that traffic as it flows across the environment.

Robert Wood, CISO at the Centers for Medicare and Medicaid Services says what these changes are really driving “is a change in the way that we go about detecting and responding to issues in our environment,” which means that agencies need to have the resources to interface with all their endpoints and store the data so they can shift into more of a data-centric and engineering-centric workforce. “I think that’s the way of the future for the security industry, and it’s where we need to go.”

Hear more for our government leaders, and other participants in this video series, including:

• Anthony O’Neill, CISO, Massachusetts
• Craig Hurter, deputy CISO, Arizona
• Gerald Caron, former CIO, HHS OIG
• Jane Zipoli, federal civilian cybersecurity leader, Cisco
• Ryan Murray, deputy CISO, Arizona
• Tony Plater, CISO, Dept. of the Navy

This video series was produced by Scoop News Group for FedScoop and sponsored by Cisco.

The post Defending a dynamic perimeter with modern firewall technologies appeared first on FedScoop.

The post Enhanced security resilience for government with modern firewalls appeared first on FedScoop.

Network modernization involves implementing new technologies and practices that help improve network performance, reliability and security. A new video campaign featuring federal and state government agency leaders highlights the steps agencies are taking to modernize the network infrastructure that supports mission-critical applications, making them more scalable and secure.

George Duchak, CIO for the Defense Logistics Agency—which manages eight different supply chains with operations across the U.S. and over 20 countries—gave insight into DLA’s first significant IT modernization effort in 25 years. He highlights their strategic push to the cloud, implementing a zero-trust architecture and purchasing fiber and bandwidth to extend to their more austere locations.

“We’ve taken steps to upgrade our bandwidth over the past few years, we’ve gone from one gigabit per second to three, and now we’re at 10 gigabits per second. Additionally, because we are concerned about resiliency, we have path diversity. So, we have multiple paths for this. So another key shift for security reasons was the adoption of application delivery controllers, advanced application firewalls and intrusion prevention systems,” said Duchak.

Optimizing infrastructure for robust networks is a challenging task, particularly for states. With limited budgets and competing priorities, state governments often struggle to allocate the necessary resources to implement modern capabilities.

However, North Dakota’s CTO Duane Schell shared how his state managed networking costs by adding more value to the capacities they procure. He describes overcoming procurement challenges by improving how they frame contract language to include target goals. This adds transparency in the bidding process for vendors about what they currently have and are trying to achieve — for example, in areas such as a cloud and zero trust security.

“A level of transparency is key to helping ensure that our partners can put together and write proposals that are going to achieve the right value on the other side,” said Schell.

And as agencies rely more on technology to provide essential services, building greater security measures into the network is increasingly important. Ramesh Menon, CTO of the Defense Intelligence Agency, shared his insights on what strategies to implement greater security.

“We need to understand the concept of data fabrics and cross-domain policies; how do we share APIs? How is it going to be shared? How are our applications orchestrated to leverage this new architectural evolution? So, while we become more secure and make sure we are resilient with the cybersecurity regulations, we need to make sure that we look in terms of value, not just as a control to improve security but as an enabler to accelerate the value for our mission partners and mission owners from an application standpoint too,” he said.

Assistant Secretary for Technology, Security and Operations & COO, Massachusetts Sean Hughes said that the state enhanced its threat hunting analysis, allowing them to centralize the management of all associated threat data to include endpoint and network data. Hughes explained that as they continue to ingest data into their security, incident and event management platform, they can identify deviations and threats they may face.

“The key for the Commonwealth of Massachusetts is managing the environment with a common platform for security and networking, where we can leverage an economy of scale and deploy standardized rules protecting all remote endpoints,” he explained.

By adopting modern networking solutions, federal and state government agencies can ensure their networks are optimized for the cloud and multi-cloud computing environment, providing greater flexibility, scalability and security.

 Other participants who shared their experiences in the video series include:

• Sharon Woods, Executive Director, Cloud Computing Program Office, DISA
• Kenneth Harrison, Division Chief, Telecommunications Office, Census Bureau
• Colten O’Malley, Deputy Commander, US Army Command and Control Support Agency
• Steve Nichols, Former CTO, Georgia
• Jason Hebbe, CTO Pennsylvania
• Chris Rein, CTO, New Jersey

This video series was produced by Scoop News Group for FedScoop and StateScoop and sponsored by Comcast Business.

The post How agencies are delivering future-ready network performance appeared first on FedScoop.

The survey sought out public sentiment and ranked 11 sectors across both commercial and public sector organizations, including grocery, non-grocery retail, financial services, healthcare, telecoms, logistics, utilities, public sector and others.

The results showed that the public sector ranked 6.36 in the weighted sentiment ranking, falling well below the U.S. average ranking of 7.68.

The findings were based on interviews with more than 7,700 U.S. consumers who reported on 237 U.S. organizations.

Respondents were asked to score their perceptions of each organization’s reputation in three main areas:

• Advocacy: how likely they were to recommend each to a friend or colleague
• Loyalty: how likely they were to continue using each in the future
• Customer experience across six pillars: empathy, personalization, time and effort, expectations, resolution and integrity

Though the study focused largely on the commercial side, there are several lessons that public sector leaders can take away from the successes of “breakout” companies — organizations that made a dramatic improvement in their Customer Experience Excellence score year over year.

The eight capabilities or factors that these breakout companies share, according to the report, include:

• Insight-driven strategies and actions
• Innovative products and services
• Experience centricity by design
• Seamless interactions and commerce
• Aligned and empowered workforce
• Digitally enabled technology architecture
• Responsive operations and supply chain
• Integrated partner and alliance ecosystem

The report cites examples from the Department of Veterans Affairs and Medicare as two large federal organizations that have started reframing their outcomes in a more customer-centric way. That includes revamping aging websites or reorganizing departments with the customer in mind.

And these agencies have found success by working with partners, like KPMG, to integrate methodologies tailored to help them overcome their unique challenges and to improve their customers’ experiences to empower their constituents to make more informed decisions, says the report.

Learn more about the findings from the report, “Improving the Citizen Experience.”

This article was produced by Scoop News Group, for FedScoop, and sponsored by KPMG.

The post U.S. public sentiment ranks public sector organizations low on customer experience measures appeared first on FedScoop.

Whether sustaining legacy systems or acquiring modern applications—the U.S. government spends billions annually on IT. In its effort to cut back on software costs and to increase transparency among agencies and with the public, the White House released M-16-21 or the Federal Source Code Policy (FSCP), which stated agencies should release more of their custom-developed software and established a pilot program requiring the release of at least 20 percent of new custom-developed code as open-source software (OSS). Soon after that, the Office of Management and Budget (OMB) launched the website Code.gov—a repository of agencies’ code and OSS that enabled government and non-government personnel to collaborate helping ensure the code was reliable and effective in furthering national objectives.

Nearly seven years have passed since the release of the policy and website, and despite the advantages, the government sector has not fully realized the potential of OSS. The FSCP and the website have become a missed opportunity for government leaders who have not effectively leveraged their communities to help them with software development.

The need for long-term government support
As the former Director of Code.gov, where I oversaw agency implementation of FSCP and helped engineer the site, I saw firsthand how the federal IT community recognized the value of open source but often was unable to realize its full benefits.

A lot of the traffic and traction that Code.gov received came from the science and space labs—from researchers who understood and could manage OSS. And while the government was bold in embracing the FSCP when it was first enacted, community support evaporated, and there was not enough buy-in as CIOs still needed something more that OSS could deliver, potentially control, security, and/or technical knowledge.

As organizations continue to move towards multi-cloud, zero-trust environments, using only one type of software, OSS or proprietary, limits potential growth—both are needed.

The best of both worlds: OSS and proprietary software
Both open-source and proprietary software have their advantages and disadvantages. OSS is often free and more customizable, but can be challenging to use and often requires specialized support. Proprietary software is often easier to use and comes with more support, but it can be expensive and difficult to customize.

The combination of both types of software can provide a more well-rounded solution that takes advantage of the strengths of each type. By using OSS as a foundation, agencies can develop customized solutions that meet their unique needs while leveraging proprietary software for mission-critical operations that require dedicated support and specialized features—without having to compromise on functionality or usability.

By taking advantage of the benefits of each type of software, government agencies can achieve cost-effective solutions, interoperability, security, customization, and community support.

Fostering innovation  
As technology continues to advance, government agencies must keep up with the latest solutions to deliver effective services. By working with partners like SAS, they can combine the strengths of enterprise software that provides advanced analytics with powerful compute capabilities in conjunction with OSS.

Agencies can use OSS and SAS together to create an analytics platform that unlocks the value of their data to enable informed decision-making in a timely fashion:

• Ingesting and integrating data from various sources with OSS while using SAS to analyze and model data for a holistic view.
• Customizing platforms to meet the unique needs of each agency via OSS and SAS software.
• Having the ability to deploy SAS on different cloud platforms providing agencies with a highly scalable analytics platform that can be used to process mass data.
• Leveraging the advanced analytics tools offered by enterprise software such as artificial intelligence and machine learning.
• Promoting transparency and security of data assets throughout the organization.

By leveraging the strengths of both types of software, agencies can create a platform that is highly customizable, advanced, and built on OSS technologies. This will help agencies overcome the challenges presented by a multi-cloud environment while reducing costs, improving security and interoperability, and supporting innovation to serve their customers better.

Learn more about how SAS can help your organization take a hybrid approach to its software—achieving the best of both worlds.

The post Realizing the best of both worlds: The value of using open source and proprietary software appeared first on FedScoop.