By Steve Bittenbender
Editor, Government Security News
President Donald Trump on Thursday signed a long-anticipated executive order calling for the federal government to ramp up its cybersecurity measures.
And once the announcement was made, it didn’t take long for cybersecurity experts to chime in with their analysis of the order, which, among other things, calls on federal agencies to maintain and modernize their information technology infrastructure so that threats can be detected more easily and networks are more resilient.
“The executive branch has for too long accepted antiquated and difficult–to-defend IT,” Trump’s order read.
James Carder, the chief information security officer for LogRhythm, said the executive order encompasses many of the recommendations his firm makes to its clients. In particular, Carder, who has nearly 20 years of experience in IT security consulting, said he was pleased that Trump’s directive includes language for funding the improvements and holding officials responsible.
“It’s about time the government and critical infrastructure organizations take cybersecurity seriously,” he said. “Protecting these assets is imperative to protecting the American people and our way of life.”
The Department of Homeland Security has already started some of the groundwork Trump laid out in the order. Three months ago, the agency awarded a contract to Bastille to survey critical infrastructure for both public and private sectors for vulnerabilities from radio-based attacks.
“As so many administrative and process control systems use radio rather than hardwired connections, it is essential that every facility be aware of what's happening in its airspace as well as on its wired networks,” Bastille CEO Chris Risley said.
Cybersecurity has become a growing concern for American officials as the number of attacks has grown sharply in recent years. Hackers have targeted such companies as Home Depot and Target as well as federal agencies, including the Office of Personnel Management. The attacks on OPM exposed personal information for more than 21.5 million current and former federal workers and contractors.
Michael Patterson, the CEO of security analytics firm Plixer, noted the OPM breach when he said he thought the order should have included a mandate for agencies to have forensic incident response systems in place that can quickly remedy the situation.
“With the amount of attacks that Government Agencies incur every day, it is not a matter of if, but when hackers will be successful,” Patterson said. “The key is to be alerted and respond as quickly as possible.”
The executive order did not just focus on attacks that compromised personally identifiable information. Trump also called for DHS Secretary John Kelly and Energy Secretary Rick Perry to consult with state and local officials to assess the threat cyberattacks pose to the country’s power supply.
That assessment is due within 90 days, according to the order.
Edgard Capdevielle said he was encouraged to see the country’s electricity infrastructure mentioned specifically in the order. He added that technology is available to help the utility companies become more resilient.
“Innovations such as machine learning and artificial intelligence enable real-time monitoring and anomaly detection that offer critical infrastructure operators better tools to manage cyber risk and minimize disruptions,” said Capdevielle, the CEO of Nozomi Networks. The Swiss-based company provides real-time cybersecurity solutions for major industrial complexes.
Cybersecurity experts have called on government officials to be more willing to share information about the attacks their agencies have endured. In the order, Trump calls for agencies not only to share information with other agencies but also with the country’s allies.
Travis Farral, the director of security strategy for Anomali, called the order a “solid step” forward in bolstering the country’s security. Anomali is a California-based company that helps clients discover and respond to threats.
“When an organization, including the federal government, operates largely in silos, they miss out on a valuable force multiplier by leveraging resources from other agencies through sharing intelligence and other crucial information,” he said. “Threat intelligence sharing should serve as the backbone of a strong cybersecurity program, and with more robust cyber threat information sharing protocols in place, U.S. government agencies can better leverage resources to defend against cyberattacks.”
MCLEAN, VA May 10, 2017 The U.S. Department of the Treasury has selected BAE Systems to support the agency’s Office of Terrorism and Financial Intelligence (TFI) in safeguarding the country’s financial system against threats posed by rogue nations, terrorist facilitators, drug cartels, and other national security threats.
BAE Systems is among a group of federally-approved contractors that will have the opportunity to compete for future task order contracts to assist TFI in researching, analyzing, and documenting complex financial, trade, and other business activities in support of federal investigations and prosecutions. The maximum lifecycle value of all task orders to be awarded under the contract is estimated at $135 million. This work plays a critical role in enforcing the sanctions programs administered by the Department of the Treasury and in pursuing violations of them.
“Our financial crimes experts work alongside the government to investigate and track down illicit finance suspects at home and overseas,” said Mark Keeler, acting president of BAE Systems’ Intelligence & Security sector. “We have a deep understanding of the revenue streams and financial tactics used by terrorist networks and criminal organizations, which pose threats to our national security and could compromise international financial stability.”
In addition to offering expert threat finance intelligence analysis and mission support, BAE Systems works closely with commercial financial institutions across the globe to build and refine defense-grade anti-money laundering technologies. The company’s NetReveal suite of solutions is trusted and used by major global banks, insurers, government departments, and law enforcement agencies around the world to prevent and detect fraud and financial crimes in real time, thwart criminal threats and minimize customer risk.
BAE Systems provides intelligence and security services to manage big data, inform big decisions, and support big missions. BAE Systems delivers a broad range of solutions and services including intelligence analysis, cyber operations, IT, systems development, systems integration, and operations and maintenance to enable militaries and governments to recognize, manage, and defeat threats. The company takes pride in supporting critical national security missions that protect the nation and those who serve.
NEW YORK May 8, 2017 New research reveals that cyberattacks on the government sector doubled in 2016, hiking to 14 percent from seven percent of all cybersecurity attacks in 2015. Attacks on the finance sector also rose dramatically from just three percent in 2015 to 14 percent of all attacks in 2016.
The manufacturing sector came in at third place at 13 percent, while the retail sector, which topped the list of all cybersecurity attacks on all sectors in 2015 moved down into fourth place (11 percent).
This is according to Dimension Data’s Executive’s Guide to the NTT Security 2017 Global Threat Intelligence Report, which was compiled from data collected by NTT Security and other NTT operating companies including Dimension Data, from the networks of 10,000 clients across five continents, 3.5 trillion security logs, 6.2 billion attempted attacks, and global honeypots and sandboxes located in over 100 different countries.
The report pinpoints several global geo-political events which could have contributed to the government sector being a cybersecurity attack target. These include:
- the U.S. presidential election campaign
- a new U.S. administration with a more aggressive stance toward China and North Korea
- China adopting a more aggressive policy stance in securing its vital ‘core interests’
- U.S. and European Union-led economic sanctions against Russia
- Russian state-sponsored actors continuing cyber operations against Western targets
- growing negative sentiment in the Middle East against the West’s aggression towards Syria
Matthew Gyde, Dimension Data’s Group Executive – Security said, “Governments all over the world are constantly under the threat of sophisticated attacks launched by rival nation-states, terrorist groups, hacktivists and cybercriminals. That’s because government agencies hold vast amounts of sensitive information – from personnel records, budgetary data and sensitive communications to intelligence findings. What’s interesting is that this year we saw numerous incidents involving insider threats.”
Commenting on the financial services industry, Gyde said the ongoing attacks in the financial services industry is no surprise. “These organizations have large amounts of digital assets and sensitive customer data. Gaining access to them enables cybercriminals to monetize personally identifiable information and credit card data in the underground economy.”
Other highlights in the report are:
- Sixty-three percent of all cyberattacks originated from IP addresses in the U.S., followed by the U.K. (four percent), and China (three percent). The U.S. is the predominant location of cloud-hosted infrastructure globally. Threat actors often utilize public cloud to orchestrate attacks due to the low cost and stability of this infrastructure.
- The Internet of Things (IoT) and operating technology (OT) devices must be considered as both a potential source and target of attack. Of the IoT attacks detected in 2016, some 66 percent were attempting to discover specific devices such as a particular model of video camera, three percent were seeking a web server or other type of server, while two percent were attempting to attack a database.
- The top cybersecurity threats facing digital businesses are phishing, social engineering and ransomware; business email compromise; IoT and distributed-denial-of-service (DDoS) attacks; and attacks targeting end-users.
About Dimension Data
Founded in 1983, Dimension Data plc is an ICT services and solutions provider that uses its technology expertise, global service delivery capability and entrepreneurial spirit to accelerate the business ambitions of its clients. Dimension Data is a member of the NTT Group. Visit us at http://www.dimensiondata.com/en-US, like us on www.facebook.com/DimensionDataAmericas or follow us @DimensionDataAM.
WASHINGTON May 9, 2017 According to the Center for Cyber Safety and Education™ Global Information Security Workforce Study (GISWS), sponsored by (ISC)²®, Booz Allen Hamilton and Alta Associates, federal agencies need to invest strategically and heavily in their benefits strategy if they're going to successfully compete for cybersecurity talent. U.S. federal data from the study was released today during a panel discussion of experts at the (ISC)2 CyberSecureGov training event in D.C., which included Dan Waddell, (ISC)² managing director, North America, Rodney J. Petersen, director of National Initiative for Cybersecurity Education, NIST, and Ron Sanders, senior executive advisor and fellow at Booz Allen Hamilton.
One of the largest studies of the information security profession ever conducted, the survey of over 19,600 information security professionals included responses from 2,620 U.S. Department of Defense, federal civilian and federal contractor employees. When asked to rate the importance of factors needed to effectively secure an organization's infrastructure, the majority (87 percent) of federal respondents placed the hiring and retaining of qualified information security professionals at the top of the list. To effectively retain existing information security professionals and attract new hires, federal respondents indicated that offering training programs, paying for professional cybersecurity certifications, boosting compensation and providing more flexible and remote work schedules and opportunities were the most important initiatives.
"It's crystal clear that the government must enhance its benefits offering to attract future hires and retain existing personnel given its fierce competition with the private sector for skilled workers and the unprecedented demand; unfortunately, the layers of complexity involved in fulfilling that goal are significant," said Waddell. "Thanks to the record-number of federal GISWS respondents this year, we now have substantial data that will support actionable take-aways and help move agencies closer to achieving that goal."
Key takeaways for federal agencies looking to attract and retain information security professionals include:
- In competing with the private sector for skilled professionals, hiring women and those from underrepresented groups should be a key component of the government's talent acquisition strategy given that 70 percent say their organization offers a program that encourages diverse hiring in information security, compared to just 55 percent in the private sector.
- Government agencies will need to increase annual salaries of information security personnel by approximately $7,000 in order to equal the annual salaries of their private sector counterparts.
- The NIST Cybersecurity Workforce Framework should be established as the foundation for workforce policy moving forward, as its effectiveness is being demonstrated by its early adoption by a considerable number of federal government agencies.
- Cloud remains the area in highest demand for training and education. As more government agencies move their data to the cloud, they must consider training initiatives to help ensure that staff across multiple roles and departments is aware of the security risks and benefits.
- There is an ongoing need for front-line experience within the federal cybersecurity workforce, with the greatest demand being at the non-managerial staff level.
- Professionalization of the workforce through certification remains strong, as 73 percent of federal agencies require their IT staff members to hold information security certifications.
"The mission of government cybersecurity professionals is critically important," said Sanders. "In today's environment where cyber talent is scarce, organizations must recruit and train untapped talent pools, focusing on women, minorities, veterans and older workers. And while it can be difficult for government agencies to compete on salary alone when vying for these cyber warriors, they can appeal to a recruit's sense of mission and purpose, tout the cutting-edge work being done and highlight opportunities for advancement."
For a complete set of U.S. federal findings from the 2017 GISWS, go to: www.IAmCyberSafe.org/GISWS
(ISC)² is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. Our membership, over 123,000 strong, is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and EducationTM. For more information on (ISC)², visit www.isc2.org, follow us on Twitter or connect with us on Facebook.
© 2017 (ISC)² Inc. (ISC)², CISSP, SSCP, CCSP, CAP, CSSLP, HCISPP, CCFP, ISSAP, ISSEP, ISSMP and CBK are registered marks of (ISC)², Inc.
About the Center for Cyber Safety and Education
The Center for Cyber Safety and Education (Center), formerly (ISC)² Foundation, is a nonprofit charitable trust committed to making the cyber world a safer place for everyone. The Center works to ensure that people across the globe have a positive and safe experience online through their educational programs, scholarships and research. Visit www.IAmCyberSafe.org.
About Booz Allen Hamilton
Booz Allen Hamilton (NYSE: BAH) has been at the forefront of strategy and technology for more than 100 years. Today, the firm provides management and technology consulting and engineering services to leading Fortune 500 corporations, governments, and not-for-profits across the globe. Booz Allen partners with public and private sector clients to solve their most difficult challenges through a combination of consulting, analytics, mission operations, technology, systems delivery, cybersecurity, engineering, and innovation expertise.
With international headquarters in McLean, Virginia, the firm employs more than 23,000 people globally, and had revenue of $5.41 billion for the 12 months ended March 31, 2016. To learn more, visit BoozAllen.com.
By Steve Bittenbender
Editor, Government Security News
President Donald Trump spent part of Wednesday morning using social media to defend his decision a day earlier to fire James Comey as the director of the Federal Bureau of Investigation.
“James Comey will be replaced by someone who will do a far better job, bringing back the spirit and prestige of the FBI,” the President posted as part of a series of messages on his Twitter account. “Comey lost the confidence of almost everyone in Washington, Republican and Democrat alike. When things calm down, they will be thanking me!”
It may take some time for things to calm down as news of the embattled director’s ouster caught most of Washington by surprise. Comey had drawn criticism from lawmakers for his handling of investigations related to last year’s presidential election.
Many Democrats believed Comey’s decision to reopen the case against Hillary Clinton late in the campaign opened the door just wide enough for Trump to win the election. Just last week, Comey testified before a Senate committee that it made him “mildly nauseous” that his decision may have impacted the race.
However, Democratic leaders questioned why the President chose to dismiss Comey, who still had more than half of his 10-year term left to serve.
"Director Comey's dismissal is extremely troubling,” Rep. Joe Crowley, the chairman of the House Democratic Caucus, said in a statement Tuesday evening. “President Trump fired the man investigating him and his cohorts. I strongly support calls for the appointment of a special prosecutor.”
The news even surprised many Republican lawmakers.
“I've spent the last several hours trying to find an acceptable rationale for the timing of Comey's firing,” Sen. Jeff Flake of Arizona posted on his Twitter account. “I just can't do it.”
Trump’s decision came hours after it was revealed that the FBI had sent a letter to the Senate Judiciary Committee correcting some of the testimony Comey gave regarding the Clinton investigation. He relieved Comey after receiving a recommendation from Attorney General Jeff Sessions.
Sessions, in his memo to Trump, cited that the FBI director needs to “be someone who follows faithfully the rules and principles of the Department of Justice and who sets the right example for our law enforcement officials.” Rod Rosenstein, Sessions’ deputy attorney general, said in a letter to his boss that Comey’s mishandling of the Clinton investigation provided ample justification for his ouster.
“As a result, the FBI is unlikely to regain public and congressional trust until it has a Director who understands the gravity of the mistakes and pledges never to repeat them,” Rosenstein wrote. “Having refused to admit his errors, the Director cannot be expected to implement the necessary corrective actions.”
In addition to investigating the Clinton campaign, the FBI also has been checking Trump’s campaign and its alleged ties to Russian officials suspected of interfering with the presidential election. CNN reported Tuesday night that a federal grand jury issued subpoenas for associates of former National Security Advisor Michael Flynn.
Flynn resigned less than a month after Trump took office for failing to disclose meetings with Russian officials.
In his letter to Comey, Trump said that the now-former FBI director stated repeatedly that the President himself was not under investigation. However, the firing may lead to lawmakers setting up their own review.
“My staff and I are reviewing legislation to establish an independent commission on Russia,” tweeted Rep. Justin Amash, a Republican member of the House Committee on Oversight and Government Reform and its subcommittee on national security.
However, at least one senator believes Trump's decision won't affect the bureau's own investigation into the matter.
“Any suggestion that today’s announcement is somehow an effort to stop the FBI's investigation of Russia’s attempt to influence the election last fall is misplaced," said Maine Republican Sen. Susan Collins, who added that Comey's handling of the Clinton case made his ouster inevitable. "The President did not fire the entire FBI; he fired the director. I have every confidence that the FBI will continue to pursue its investigation. In addition, I am certain that the Senate Intelligence Committee, on which I serve, will continue its own bipartisan investigation and will follow the evidence wherever it leads."
WASHINGTON May 3, 2017 The American Federation of Government Employees strongly supports the reintroduction of a bill granting Title 5 rights to TSA Officers from Representatives Bennie Thompson of Mississippi and Nita Lowey of New York. Introduced last year as The Rights for Transportation Security Officers Act, this year’s bill finally grants transportation security officers (TSOs) the same workplace rights as all federal employees, including their colleagues in the Department of Homeland Security.
“Implementing basic worker protections for those charged with protecting our skies is a necessary step to increase security and improve workforce morale. TSA’s current personnel system has not served the agency well and lacks the means to attract and retain a strong workforce,” said Rep. Thompson. “This legislation we introduced today will ensure TSA’s personnel and labor management systems are brought in line with the rest of the federal government under Title 5. I hope my colleagues will agree that these frontline security workers should receive the rights and benefits they earned.”
“More than 42,000 Transportation Security Officers who serve on the front lines of aviation security at airports across the United States are denied worker rights and protections, including full collective bargaining, the right to a fair grievance and arbitration system, and statutory civil rights protections. Transportation Security Officers should be treated like their fellow employees across the Federal government. Our bill would grant TSOs these rights, enhancing America’s security by retaining experienced and dedicated officers with improved workforce morale. To truly provide comprehensive transportation security, we must take care of those who take care of us,” said Rep. Lowey.
The new legislation would put TSOs on the General Schedule pay scale and provide them with much needed statutory worker protections like the Family and Medical Leave Act and the Fair Labor Standards Act. Being recognized as equal counterparts to their fellow federal employees would greatly improve workplace conditions and boost morale – which fell to an all-time low last year – at the agency.
“Thank you to Representatives Thompson and Lowey for once again recognizing how important it is to offer fair treatment to the men and women who risk their lives guarding our airports every day,” said AFGE TSA Council President Hydrick Thomas. “Last year our TSA Officers stopped a record number of firearms, dealt with a massive influx in passenger volume while being understaffed, and once again kept our flying public safe – all while being treated like second class citizens in their workplace. Being offered fair pay, workplace protections, the right to appeal adverse decisions to a third party, and full collective bargaining rights are long overdue and will help boost morale for the working people who safeguard our skies,” he added.
“Last year our TSA Officers were faced with a nearly insurmountable task, but they rose to the occasion and got the American travelling public to where they needed to be,” said AFGE National President J. David Cox Sr., adding, “We are thrilled that Representatives Thompson and Lowey have once again introduced legislation that will finally offer our officers the same rights and protections as the rest of the federal workforce. TSA Officers have safeguarded our airports for 16 years, and have done an admirable job. Equal treatment by the federal government is desperately needed and very appreciated by the men and women who make sure you can fly without fear.”
AFGE urges Congress to pass the Rights for Transportation Security Officers Act to recognize the daily sacrifices TSA Officers make to protect the flying public.
The American Federation of Government Employees (AFGE) is the largest federal employee union, representing 700,000 workers in the federal government and the government of the District of Columbia.
WASHINGTON May 2, 2017 The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded $9.7 million to 12 small businesses for 13 Phase II contracts through the Small Business Innovation Research (SBIR) program.
Each Phase II award contract received approximately $750,000 to develop a prototype based on the feasibility of the technologies demonstrated in the Phase I effort, which were completed in November 2016.
“Small businesses play a key role in developing effective and innovative solutions to pressing homeland security challenges,” said DHS Under Secretary for Science and Technology (Acting) Dr. Robert Griffin. “The SBIR program enables us to capture some of the best scientific thinking to find solutions to apply in the current threat landscape.”
The Phase II contracts were awarded to:
• BlockCypher (Redwood City, CA), Blockchain Platform for Multiple Blockchains, Applications, and Analytics
• BlueRISC Inc. (Amherst, MA), Cyber Attack Prediction for Situational Understanding and Preemptive Cyber Defense
• Card Smart Technologies (Basking Ridge, NJ), Composite Identity for High Assurance Remote Identity Proofing
• Digital Bazaar (Blacksburg, VA), Verifiable Claims and Fit-for-Purpose Decentralized Ledgers
• Evernym Inc. (Herriman, UT), Decentralized Key Management using Blockchain
• Evigia Systems, Inc. (Ann Arbor, MI), Wide-Area Flood Alert Sensor Network
• Inferlink Corp. (El Segundo, CA), OpenWatch: An Architecture for Scalable Resiliency Assessment
• McQ Inc. (Fredericksburg, VA), MEGASCOP: Multi Interface Secure Audio/Video Rebroadcasting (SAVR) System
• Oceanit Laboratories (Honolulu, HI), FIND (First responder INdoor Determination)
• Physical Optics Corp. (Torrance, CA), Real-time Flood Forecasting and Reporting
• Physical Optics Corp. (Torrance, CA), Real-time Information Contextual Correlation and Analysis Software System
• Progeny Systems Corp. (Manassas, VA), Internet of Things (IoT) Low-Cost Flood Inundation Sensor
• Red Balloon Security (New York, NY), Hybrid Prediction for Embedded Malware
Initiated in 2004, the DHS S&T SBIR Program is a competitive contract awards program designed to increase the participation of innovative and creative U.S. small businesses in federal research and development initiatives and to increase private sector commercialization of SBIR-funded solutions.
To learn more about the DHS SBIR Program, visit the DHS SBIR Program Portal: https://sbir2.st.dhs.gov
PHOENIX May 3, 2017 BeyondTrust, the leading cyber-security company dedicated to preventing privilege misuse and stopping unauthorized access, today unveiled the results of its Federal Cyber-Security Threat Survey Report 2017. Based on a comprehensive survey of senior Federal IT professionals, the study exposes an aging Federal computing infrastructure which has led to an environment with an alarmingly high risk of breaches.
105 senior IT professionals working for federal agencies were asked about their computing infrastructure, security, breaches and IT modernization. A summary of the findings is included below.
Federal IT managers concerned about antiquated infrastructure.
An overwhelming majority of Federal IT managers (81 percent) say aging IT infrastructures have a somewhat to extremely large impact on their cyber-security risk. Further, three of five (61 percent) say aging infrastructure is a roadblock to achieving federal cyber-security mandate compliance.
We found ample examples of aging infrastructure in our survey. For example, a surprising 47 percent of Federal agencies still use Windows XP, an operating system Microsoft stopped supporting in April 2014, so those hosts no longer receive security patches at all. A third of respondents (35 percent) report that this kind of aging infrastructure had a somewhat to large impact on their ability to carry out vulnerability patching.
The impacts of aging federal infrastructure don’t stop there …
- Three of four say aging infrastructure is a somewhat to extremely large risk to their ability to achieve their mission.
- The biggest impacts include inefficiency, increased cyber risk and problems with compliance.
- Specific to cyber-security, the top impacts of an aging infrastructure are difficulty with patching, password management and privileged account management (PAM).
- Respondents cite aging infrastructure as the top roadblock in the way of achieving federal cyber-security mandates.
Aging Infrastructure Leads to Breaches
Aging infrastructure is not just a problem in theory; aging infrastructure makes federal systems more vulnerable to attack, which has led to an environment that could be rife for breaches.
- 42 percent have experienced a data breach within the past 6 months.
- A staggering one in eight has experienced a data breach within the past 30 days.
- Put another way, the typical federal IT system experiences one breach every 347 days.
- Respondents report that the typical data breach costs more than $91,000.
- The total cost of data breaches is $637 million every year.
- The most frequently reported costs include loss of productivity, loss of reputation and pure monetary damages.
Privileged Account Management: Gap Between Theory and Practice
We asked respondents what tools were most important to them in terms of securing their information environment. Here they ranked privileged access management and vulnerability patching as most important. This is significant as these technologies restrict user privileges and close off security weaknesses in systems.
Yet, despite understanding the importance of such measures, most (56 percent) use alternate solutions to manage privileged passwords and nearly two-thirds (63 percent) report less than fully mature vulnerability remediation programs. In fact, 6 percent have NO remediation plan, and another 14 percent do only the bare minimum required by compliance mandates.
What IT Can Do to Mitigate the Security Risk of Aging Federal Infrastructure
The BeyondTrust 2017 US federal government study points to four best practices that any agency can implement.
- Manage privileged credentials with greater discipline, eliminate administrator rights and enforce least privilege
Thirty percent of respondents believe that insider threats pose a significant threat and 35 percent believe their users have more privileges than are required. To mitigate insider threats and the exploitation of privileges, adopt a least privilege model by removing admin rights from users and storing all privileged credentials in a secure safe. Well-known attack techniques that have been around for years are still in use, and many of them depend on the compromised user already holding local administrator rights. It’s not just about insiders: enforcing least privilege limits lateral movement within an organization if a breach does occur.
- Isolate legacy systems to reduce the attack surface
Modernization of federal IT infrastructure is a priority for most survey respondents, but realistically it will not happen quickly, and these aging systems carry known risks. Reduce the attack surface by isolating legacy systems: segment them into their own network zone and force all traffic through a proxy so that only the required protocols reach them. Deploy an automated password and session management solution that provides access control, auditing, alerting and recording for every privileged account. This provides segmented access to critical systems, manages the passwords, and records what is done during each session on a managed system.
- Improve the maturity of vulnerability management through automated patching
Even in today's sophisticated threat landscape, the majority of attacks target known vulnerabilities for which patches already exist. Effective patch management goes a long way toward reducing a network's overall attack surface, but to be truly effective it requires intelligent prioritization and broad coverage of common business applications, not just the operating system. To improve the efficiency and effectiveness of an agency's patch process, deploy a solution that provides integrated, automated patching together with analytics and trending across the threat lifecycle: reports on assets, vulnerabilities, attacks and remediation status allow the patch queue to be prioritized by risk profile.
- Unite threat intelligence from multiple sources to better prioritize risks across the environment
Because attackers commonly chain a vulnerable asset with an over-privileged user (the asset-risk-to-user-privilege-risk pattern), deploy solutions that correlate asset-based risk with user-based activity to gain a more complete picture and to prioritize the most impactful risks. For example, indicators of advanced persistent threats (APTs) can be analyzed against privileged password, user and account activity alongside asset characteristics such as vulnerability count, vulnerability severity, attacks detected, risk score, applications, services, software and open ports. Consuming data feeds from the solutions already in place into a single console avoids additional cost and reduces complexity.
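The correlation the last two practices call for (ordering the patch queue by risk profile, and weighing an asset's vulnerabilities against the privileged activity seen on it) can be shown in a few dozen lines. The Python script below is an added example written for this page; it is not BeyondTrust's code and does not describe how their products score risk. The asset inventory, the privileged-session records and the scoring weights are all constructed for illustration; in a real deployment the same two functions would be fed from the vulnerability scanner's export and the session manager's audit log.

```python
"""Correlate asset-based risk with privileged-user activity to rank assets.

Added example for illustration only; not BeyondTrust's code or scoring model.
Every host, session and weight below is constructed.
"""
from collections import defaultdict

# Constructed inventory (not real hosts). Each asset carries the attributes the
# survey lists: vulnerability severities (CVSS base scores), listening ports and
# whether the box is an un-modernised legacy system.
ASSETS = {
    "legacy-fileserver-01": {"cvss": [9.8, 7.5, 7.5], "ports": [445, 3389], "legacy": True},
    "db-legacy-07":         {"cvss": [8.1, 6.5],      "ports": [1433, 445], "legacy": True},
    "web-proxy-02":         {"cvss": [5.3],           "ports": [443],       "legacy": False},
    "workstation-117":      {"cvss": [4.3],           "ports": [3389],      "legacy": False},
}

# Constructed privileged-session records, as a password/session manager or the
# domain security log would provide them. `managed` is True when the session
# went through the credential safe/proxy, False for a direct login with a
# locally held admin credential. `hour` is the local start hour of the session.
SESSIONS = [
    {"user": "svc_backup", "asset": "legacy-fileserver-01", "privileged": True,  "managed": False, "hour": 2},
    {"user": "jdoe",       "asset": "legacy-fileserver-01", "privileged": True,  "managed": True,  "hour": 10},
    {"user": "jdoe",       "asset": "workstation-117",      "privileged": True,  "managed": False, "hour": 11},
    {"user": "jdoe",       "asset": "workstation-117",      "privileged": True,  "managed": False, "hour": 3},
    {"user": "app_pool",   "asset": "web-proxy-02",         "privileged": False, "managed": True,  "hour": 14},
    {"user": "dba_admin",  "asset": "db-legacy-07",         "privileged": True,  "managed": True,  "hour": 9},
]

BUSINESS_HOURS = range(7, 20)  # assumption: 07:00-19:59 is normal working time


def asset_risk(asset):
    """Asset-based risk on a 0-10 scale.

    The worst CVSS score dominates; the number of findings, the number of
    exposed ports and legacy status each add a bounded amount, so a host with
    many medium findings does not outrank one with a single critical.
    """
    cvss = asset["cvss"]
    worst = max(cvss, default=0.0)
    breadth = min(len(cvss), 5) * 0.3       # diminishing credit for volume
    exposure = min(len(asset["ports"]), 5) * 0.2
    legacy = 1.0 if asset["legacy"] else 0.0
    return round(min(worst + breadth + exposure + legacy, 10.0), 2)


def user_risk(sessions):
    """User-based risk for one asset's sessions.

    A privileged session that bypassed the credential safe counts fully; one
    that went through it still counts a little (it is admin access all the
    same); off-hours privileged activity doubles the weight of the session.
    Non-privileged sessions are ignored.
    """
    score = 0.0
    for s in sessions:
        if not s["privileged"]:
            continue
        weight = 1.0 if not s["managed"] else 0.25
        if s["hour"] not in BUSINESS_HOURS:
            weight *= 2
        score += weight
    return round(score, 2)


def prioritise(assets=ASSETS, sessions=SESSIONS):
    """Combine the two views: combined = asset_risk * (1 + user_risk).

    Returns (asset, combined, asset_risk, user_risk) tuples, highest combined
    score first. A vulnerable box nobody administers keeps its scanner score;
    one with unmanaged admin logins is multiplied up the queue.
    """
    by_asset = defaultdict(list)
    for s in sessions:
        by_asset[s["asset"]].append(s)
    rows = []
    for name, a in assets.items():
        ar = asset_risk(a)
        ur = user_risk(by_asset.get(name, []))
        rows.append((name, round(ar * (1 + ur), 2), ar, ur))
    rows.sort(key=lambda r: r[1], reverse=True)
    return rows


if __name__ == "__main__":
    for name, combined, ar, ur in prioritise():
        print(f"{name:22s} combined={combined:6.2f} asset={ar:5.2f} user={ur:4.2f}")
```

Running it ranks the legacy file server first, where both views agree, but it also places a modestly vulnerable workstation with unmanaged, off-hours admin logins ahead of a legacy database server whose only privileged access went through the credential safe. That ordering is the point of correlating the two feeds: neither the scanner export nor the session log alone would have produced it.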
“The federal government is moving to modernize its aging infrastructure,” said Kevin Hickey, President and CEO at BeyondTrust. “But that takes time, and in the meantime, federal systems face a real risk. These are simple steps IT can take today to help mitigate that risk.”
Federal Cyber-Security Threat Survey Report
For more information on the 2017 US Federal Government Security Survey, please visit: https://beyondtrust.com/aging-fed-it-risky.
BeyondTrust is a global information security software company that helps organizations prevent cyber attacks and unauthorized data access due to privilege abuse. Our solutions give you the visibility to confidently reduce risks and the control to take proactive, informed action against data breach threats. And because threats can come from anywhere, we built a platform that unifies the most effective technologies for addressing both internal and external risk: Privileged Access Management and Vulnerability Management. Our solutions grow with your needs, making sure you maintain control no matter where your company goes. BeyondTrust’s security solutions are trusted by over 4,000 customers worldwide, including half of the Fortune 100. To learn more about BeyondTrust, please visit www.beyondtrust.com.
WASHINGTON, May 3, 2017 - The Center for Immigration Studies will host a panel discussion on Wednesday, May 10, focusing on the security threat posed by the ineffective vetting of those applying for asylum after entering illegally, specifically addressing the weaknesses in the "credible fear" process.
The vetting of refugees, and the attendant national security risk, has been widely discussed. But the vetting – or lack thereof – of asylum applicants has received little attention. This is a serious oversight, because while refugees are vetted before ever being allowed to step foot in the U.S., most asylum applicants are already here.
Date: Wednesday, May 10, 2017
Time: 9:30 a.m. EDT
Location: Bloomberg Room, National Press Club, 14th & F streets, NW, Washington, D.C.
Note: QR code is required to access the Club (QR code available at: http://cis.org/press-release/asylum-fraud-panel)
Resident Fellow in Law and Policy, Center for Immigration Studies, will present his paper "Fraud in the 'Credible Fear' Process: Threats to the Integrity of the Asylum System". Arthur served for eight years as an immigration judge in York, Pa. After leaving the bench, he worked as staff director of the National Security Subcommittee at House Oversight and Government Reform.
Mark H. Metcalf
Metcalf, a Kentucky prosecutor and former judge in Miami, is the author of "Built to Fail: Deception and Disorder in America's Immigration Courts" and "Courting Disaster". Prior to his time on the bench, he served in posts at the Justice and Defense Departments in the administration of George W. Bush.
Bensman works in the criminal intelligence field, after over 20 years as an investigative journalist, reporting on terrorism and counterterrorism enforcement, U.S. border security, and Mexico's ongoing civil drug war. Home page: http://www.toddbensman.com
Moderator, Mark Krikorian, Executive Director, Center for Immigration Studies
LOS ANGELES, May 2, 2017 - Crowell & Moring is pleased to announce that Paul M. Rosen, a former federal prosecutor who served as a senior government executive at the Department of Homeland Security, including chief of staff to former Homeland Security Secretary Jeh Johnson, has joined the firm's Los Angeles office as a partner in the White Collar & Regulatory Enforcement, Privacy and Cybersecurity, and Government Contracts groups. With more than a decade of legal and policy experience across all three branches of the U.S. government, Rosen will focus his practice on government investigations, cybersecurity and data privacy, and crisis management.
Rosen will represent corporate and individual clients enmeshed in major controversies that involve government enforcement actions, internal investigations, and litigation in connection with criminal, civil, regulatory, administrative, transactional, and congressional matters.
"Paul's understanding of government controversies – including investigations and prosecutions – and how to respond to them on behalf of clients is a significant asset for those facing all manner of legal crises," said Angela Styles, chair of Crowell & Moring. "His experience in coordinating responses to national security incidents, including major data breaches, is precisely the insight our clients need amid the ever-present threat of cyberattacks. We are very pleased that Paul has joined our firm."
In his most recent role, Rosen managed for Secretary Johnson the operational, policy, and legal needs of the third-largest department in the Executive Branch, advising on a broad range of national security issues from counterterrorism, cybersecurity, border security, and aviation security to trade and travel, immigration and visa policies, CFIUS, and criminal law enforcement matters. In addition, Rosen has more than four years of experience as a prosecutor and counselor within the Department of Justice. Among his roles, he investigated and prosecuted nationwide, multi-jurisdictional financial fraud matters as a trial attorney for the Department of Justice's Criminal Fraud Section. He also was counselor to Joseph R. Biden on the Senate Judiciary Committee.
"Paul is a superb addition to our outstanding white collar team at Crowell & Moring," said Daniel L. Zelenko, chair of the firm's White Collar and Regulatory Enforcement Group. "With substantive experience as a federal prosecutor and key executive leadership roles at the DHS, he brings a unique mix of knowledge and relationships to help navigate our clients through any crisis. We are thrilled to have him on board."
"Paul is also well-equipped to handle corporate cybersecurity challenges," said Jeffrey L. Poston, co-chair of the firm's Privacy and Cybersecurity Group. "He has the experience to identify areas of potential exposure, assist clients in navigating areas of government scrutiny, and coordinate incident response with federal and state law enforcement agencies."
"Paul's government leadership and his knowledge of the contracting industry will be a service to our clients," said Daniel R. Forman, co-chair of the firm's Government Contracts Group. "His senior executive experience at DHS in particular will add significant value to government contractors who do business with Homeland Security."
Rosen's practice in Los Angeles will encompass a wide range of criminal, regulatory, and civil litigation matters, as well as governmental and internal investigations. Given his extensive government experience in Washington, Rosen will be in a unique position to advise clients across the United States, particularly those on the West Coast, that are dealing with looming government controversies.
"Crowell & Moring has an exceptional combination of terrific lawyers and superb practices in white collar, privacy and cybersecurity, and government contracts, and I am thrilled to join its partnership and further expand the firm's West Coast presence in these areas," Rosen said. "I am looking forward to helping clients, wherever they reside, craft innovative solutions to their most challenging problems."
Rosen is the recipient of the DHS Distinguished Service Medal, the highest honor bestowed by the Secretary to recognize exceptional and transformational public service; the Director's Distinguished Service Award from the Secret Service; and the Investigation Award of Excellence by the Council of Inspectors General on Integrity and Efficiency. He is a speaker at Harvard's John F. Kennedy School of Government and the University of Southern California.
Rosen received his J.D., Order of the Coif, from the University of Southern California School of Law and his B.A., summa cum laude, from the University of Colorado at Boulder. He was law clerk to U.S. District Court Judge Gary Allen Feess of the Central District of California.
About Crowell & Moring's Government Contracts Group
For more than 40 years, Crowell & Moring's nationally recognized Government Contracts Group has set the standard for effective legal guidance in this highly complex arena. With approximately 60 lawyers, it is one of the largest and most reputable government contracts practices in the United States and worldwide. The group's experience covers virtually every aspect of the increasingly complex and heavily regulated government contracts and grants process, from entering the government marketplace and bidding on public contracts to complying with complex regulatory regimes and performing contracts, litigating disputes, and handling terminations. The group publishes the Government Contracts Legal Forum blog, (www.governmentcontractslegalforum.com), which provides legal insight on current issues for government contractors.
About Crowell & Moring's Privacy & Cybersecurity Group
Crowell & Moring's Privacy & Cybersecurity Group guides clients across multiple industries through the myriad federal, state, and international laws governing the collection, use, transfer, and protection of data. The group understands the internal and external threats that clients face to their data and systems and provides end-to-end support, from risk mitigation to incident response and litigation defense. The Group provides practical advice that permits our clients to address privacy and cybersecurity issues in a manner that reflects their business needs and risk exposure. The group integrates with nearly every practice group in the firm, including intellectual property, corporate, insurance, white collar, trade secrets, health care, energy, transportation, and government contracts to address the full range of privacy, cybersecurity, and litigation risks faced by clients. The group publishes the Data Law Insights blog (crowelldatalawinsights.com), which includes legal insights on navigating privacy, data protection, cybersecurity, information governance, and e-discovery.
About Crowell & Moring's White Collar & Regulatory Enforcement Group
Crowell & Moring's White Collar & Regulatory Enforcement Group routinely represents clients in the most significant white collar cases in the United States and has successfully defended and counseled clients around the world regarding all manner of government investigations, criminal trials, regulatory enforcement actions, and internal investigations. The diverse team includes lifelong defense lawyers, including former assistant federal defenders, as well as former prosecutors and enforcement attorneys from the Department of Justice, the Office of Independent Counsel, United States Attorney's Offices, and the Securities and Exchange Commission.
About Crowell & Moring LLP
Crowell & Moring LLP is an international law firm with approximately 500 lawyers representing clients in litigation and arbitration, regulatory, and transactional matters. The firm is internationally recognized for its representation of Fortune 500 companies in high-stakes litigation, as well as its ongoing commitment to pro bono service and diversity. The firm has offices in Washington, D.C., New York, Los Angeles, San Francisco, Orange County, London, and Brussels.