by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
FCW : August 15, 2014
The federal government is not designed to be nimble, but it can adapt quickly under extreme crises. The nature of the cybersecurity landscape, however, requires agen- cies to adapt to changing threats continuously, not just during an extreme crisis. And given the rapid adoption and advancement of mobile technologies, that cycle can be on the order of weeks. Yet historically, cybersecurity budgets follow the standard federal budget process and are planned years in advance. The critical challenge is that adversaries can adapt much faster than defenders can adapt their defenses. And, as I observed during my tenure as a civil servant, other nontechnical challenges compound the problems cyber defenders face. Culturally, compliance in the federal government is the standard benchmark for job performance. The challenge is that threats have evolved to the point where good hygiene and implementing current mandates are not enough to stop advanced adversaries. The rst step to changing this paradigm is to continue to stress the importance of compliance while realizing that a cyber breach is unavoidable. The key is to focus on what federal agencies can do to rap- idly identify a breach, contain it and limit the damage an adversary can do. A synergistic approach of imple- menting good hygiene and investing in capabilities that promote effects- based defense capabilities is critical to successfully defending govern- ment networks. There are efforts underway to help address many of those chal- lenges, but agencies should also be allowed to more easily invest in game-changing cybersecurity capa- bilities that not only advance their technical defensive capabilities but also address nontechnical challeng- es and provide more operational effectiveness. In many organizations, operation- ally effective cyber defense revolves around the ability to shrink the time to complete the loop of Attack Prevention > Detection > Diagno- sis > Containment > Response. In agencies that don t have require- ments that support effective cyber defense operations across the entire IT landscape, completing that loop takes weeks or even months. One nontechnical challenge I have observed happens when separate companies have contracts for network administration and endpoint security. I have seen situ- ations in which someone on the endpoint security team identi ed something suspicious and requested details from the networking team to help diagnose the event. But the networking contractor said it could not provide support because it was not allowed to take direction from another contractor. That type of nontechnical chal- lenge and delay can dramatically increase the cost and impacts asso- ciated with cyber breaches. Accord- ing to the latest Mandiant M-Trends report, in 2013 the median time from breach to detection was 229 days. For cyber defenders to be more effective, they need capabilities that enable them to be more proactive in defending against threats. Agen- cies must get out of the business of being reactive and solely relying on mandated signature-based capabili- ties simply because compliance is the benchmark. However, because advanced capabilities are not mandated, it requires an incredible amount of effort and time to acquire them --- typically in small installments of end-of-year funds. Rapidly adopting cutting-edge technologies could give cyber defenders an advantage over adver- saries and help overcome some of the nontechnical challenges agen- cies face. That would save money in the long run and have a dramatic impact on the foothold adversaries can gain in the years it would take to address the problem with current government policies and compli- ance mandates. ■ What it takes to achieve effective cyber defense Addressing nontechnical challenges could help overcome slow-moving government policies and a compliance-focused culture The first step is to continue to stress the importance of compliance while realizing that a cyber breach is unavoidable. August 15, 2014 FCW.COM 17 Commentary | TRAVIS ROSIEK TRAVIS ROSIEK is federal architect at FireEye.
July 30, 2014
August 30, 2014