
Virtualization, cloud complicate insider threats for federal CIOs

Kenneth Corbin | Sept. 26, 2014
The expansion and blurring of the traditional government network environment require federal IT officials to rethink contracting processes and embrace real-time security monitoring.

Another agency in a similar position is the Securities and Exchange Commission. With its cache of corporate filings that heavily influence trading activities, the SEC receives more than 2 billion hits on its website each month, according to CIO Tom Bayer.

Bayer's team at the SEC is "very much in favor of continuous monitoring" and undertakes a security evaluation to consider potential threats before deploying a new system or application on the network.

However, the heightened security procedures Bayer and other government CIOs put in place can be highly labor-intensive, creating another challenge for federal agencies already struggling to do more with less amid a tight budget environment.

"It requires us to spend more time monitoring and understanding the logs," Bayer says. "My concern is that federal agencies don't always get the opportunity to invest in checking what's happening from an erratic perspective, and that investment takes time and it takes a lot of effort."

As important as new sensor-enabled monitoring and big data technologies may be to protecting the evolving network architecture, officials also note that they can't overlook some of the fundamental security procedures involving access and authentication that should have been in place all along but have, in fact, been inconsistently implemented. Those policies, what some refer to as basic "blocking and tackling," can't be taken for granted, Skudlarek argues. He cautions that CIOs need to re-examine some of the security basics even as they pursue new technologies to fortify their shape-shifting networks.

"While it's true insiders are now a significant threat," he says, "the other significant threat is where you weren't following basic standard security protocols that you should have been following in the first place."

