WITH THREATS ON THE RISE, the federal government is taking decisive action to address high-risk information security challenges. And as cybersecurity technology, frameworks, and standards continue to evolve, you need to keep pace to strengthen your agency’s security posture and mitigate risk. A great place to start is by taking a look at these cybersecurity trends driving investments in the U.S. Federal sector.
TREND #1
Security Orchestration, Automation, and Response (SOAR)
A term coined by Gartner, SOAR encompasses threat and vulnerability management, security operations automation, and security incident response, so organizations can collect threat-related data from a range of sources and systems, as well as respond to low-level threats without human intervention.
Organizations already investing in SOAR are seeing compelling results, as noted in the chart below.
[Chart: SOAR Benefits]
An effective SOAR strategy requires a robust security strategy whose capabilities include collecting threat-related data from a range of sources and systems and responding to that data with little human intervention.
Look for security solutions that deliver automated detection, mitigation, and analytics. Machine learning and other AI techniques enable the system to learn from historical or similar traffic patterns and provide insight into exactly what's happening.
TREND #2
Zero Trust: Trust Nobody, Protect Everywhere
WHAT IS IT?
While Zero Trust has been around for a decade, it’s taken on new urgency as more federal employees work from home during the COVID-19 pandemic. With bad guys constantly plotting new ways to gain access to target networks, “trust, but verify” is giving way to “trust nobody, protect everywhere” (or, Zero Trust).
WHAT’S THE IMPACT?
You have to rethink the traditional network perimeter to achieve enhanced security. To enable Zero Trust, you must abandon the “trust, but verify” approach and follow these three principles: never trust, always verify, and continuously monitor.
Never Trust
Always Verify
Continuously Monitor
WHAT’S THE CHALLENGE?
The big challenge inherent in Zero Trust security is how to prevent unauthorized access without making things harder for users or increasing your IT burden.
WHAT CAN YOU DO?
Choose the right access management and authentication technology. For example, a large U.S. federal agency used its existing F5 BIG-IP platforms to enable Zero Trust. Having a large number (2500 in this case) of F5 devices deployed within their network transformed what can be an arduous process into a seamless one.
TREND #3
Trusted Internet Connection (TIC) 3.0
WHAT IS IT?
TIC 3.0 expands on the Cybersecurity and Infrastructure Security Office’s original Trusted Internet Connections (TIC) initiative to provide flexible guidance for better securing a wide spectrum of agency network architectures. Addressing demand for a less prescriptive approach, TIC 3.0 recognizes shifts in modern cybersecurity and advances in technology to guide agencies toward desired outcomes.
WHAT’S THE IMPACT?
TIC 3.0 removes many former barriers to federal agency cloud adoption. It lets you adopt a more flexible approach to securing data and moving to the cloud.
[Chart: 2019 U.S. Breaches by Cause]
WHAT’S THE CHALLENGE?
The challenge is maintaining reliable application delivery while making sure dynamic security is baked into every level to protect your agency from multiple attack vectors.
WHAT CAN YOU DO?
A Universal Security or Policy Enforcement Point Control within the TIC 3.0 framework is critical. While it’s important to use identity for access as a single point of control, it was eye-opening to learn—as we did from an F5 Labs report—that 51.8% of breaches initially targeted identities. So, it’s critical to protect the identity perimeter.