Mitigating Risk in Aging Federal IT Systems


Shunta Sanders

Sr. Systems Engineer

Federal Division

Today’s Topics

• Federal Cyber Security Threat Survey

• Key Strategies for Securing Aging Information Systems

Methodology

• Online survey fielded in January/February 2017

• 105 responses

• 27 questions

• Limited to:

• U.S. Federal Government

• Mid- to Senior-level IT Management

• Some Involvement with PAM

What Worries Federal IT Managers

Malware, Nation State Attacks, Application Vulnerabilities

44%, 44%, 45%

What They are Doing to Combat Risks

63%

91%

88%

Privileged access management

Vulnerability patching

Most important in securing information environment

Nearly two-thirds report less than fully mature vulnerability remediation programs

Aging Infrastructure Leads to Costly Breaches

Experienced a data breach in the last 6 months: 42%

1 in 8 experienced a breach in the past 30 days

Federal IT systems experience a breach every 347 days

Biggest impacts from insider privilege abuse are lost… Productivity, Money, Reputation

Cost of data breaches across all Federal IT systems is $637 Million annually

Breaches Happen

Breaches Hurt

Aging Infrastructure Breeds Risk

Biggest impact of aging IT infrastructure? Efficiency, Compliance, Cyber Risk

81% say aging IT infrastructure impacts risk

61% say aging IT infrastructure is a roadblock to compliance

Change is difficult, takes time, and costs money

Government employees have to contend with:

• Mainframes

• Legacy apps

• Aging OSes

• Aging infrastructure

• Limited budget

• Limited staff

• Status quo in thinking

How Can Agencies Address These Threats?

Manage privileged credentials with greater discipline, eliminate administrator rights and enforce least privilege

Whether the infrastructure is old or new, shared passwords and SSH keys continue to persist across host systems, databases, network devices and applications.

Automated Password Management

Local accounts can create significant risk with everything from weak password management to account deprovisioning backdoors.

Understand and Limit Privileged Access

Many traditional security tools are architected for on-premises environments. When extended to the cloud or across hybrid environments, they leave gaps that allow for excessive privileged access and permissions.

PAM & VMS Securing Cloud Assets

Unauthorized installation of software applications can insert risk into your environment.

Endpoint Least Privilege

Given its easy access and liberal governance, systems administrators often use the sudo command for everyday commands and tasks, bypassing organizational policy, network security and compliance requirements.

Replace Open Source Tools

Isolate legacy systems to reduce attack surfaces

Often the weak link in the security chain is remote access by third-party vendors and contractors.

Controlled network separation and activity monitoring.

Laptops travel around the world… clouds stop and start as needed.

Cycling Passwords on Remote Systems

Improve the maturity of vulnerability management through automated patching

With today’s complex infrastructures, how do you know what’s plugged into your network, and what risks they pose?

Discovery and Assessment

Unite threat intelligence from multiple sources to better prioritize risks across the environment

Few vulnerability management tools extend beyond a data dump of found vulnerabilities.

Prioritize Remediation Based on Active Applications

Traditional security analytics solutions struggle to correlate diverse data to discern hidden risks amidst the noise.

Use Threat Analytics for Better Decision Making

4 Best Practices to Address Threats

Improve the maturity of vulnerability management through automated patching

Manage privileged credentials with greater discipline, eliminate administrator rights and enforce least privilege

Isolate Systems to reduce attack surfaces

Unite threat intelligence from multiple sources to better prioritize risks across the environment and pinpoint anomalies to identify patterns indicating malicious activity

Mr. Shunta Sharod Sanders

Sr. Sales Engineer

BeyondTrust - Federal Division

ssanders@beyondtrust.com

301-325-0232
