Insider Threat Within Government

Whether it's an Edward Snowden situation or "simply" just someone clicking on a rogue link, insider threat is a real issue for every organization. Insider threat is defined as a malicious threat to the security of an organization and its data that comes from people within the organization, such as employees, former employees, contractors or business associates. These people have some level of legitimate access to systems and information and therefore can open an organization up to attack or a breach. One statistic estimates there is one insider threat for every 6,000 to 8,000 employees within a government agency.

To mitigate this threat, government agencies need a combination of monitoring and detection technologies, identity management tools, process and policy reviews, forensic capabilities, and user training. It's a complex problem to "solve," but luckily there are a number of events and resources available to help make sense of all of the issues.

We've pulled together a list of several upcoming events to help in understanding and mitigating insider threats to any agency or organization.

Digital Forensics 101

The digitization of records and processes across government increases the need for sound digital investigation tools and processes. Whether it is looking into a data breach or gathering information for litigation, organizations are spending a lot of time culling through this data to get answers to pressing issues. An IDG survey found that a vast majority of organizations conduct digital investigations on a weekly basis. These investigations range from proving regulatory compliance to security incident response (including post-event analysis) and stopping high-risk employee behavior (acceptable use violations).

We sat down with Tod Ewasko, Director of Product Management at AccessData to learn more about the role of digital investigations as a part of everyday IT efforts.

Q: Who "owns" forensics? IT? Legal? HR?

A: The answer is kind of all three. Many people lump forensics in with cybersecurity, but it's really a separate entity. Yes, forensics tools are used to investigate cyber incidents, but they are not preventative. That is what you have the "hunting" tools out there for - watching firewalls and logs for anomalous behavior or activity. Once that is stopped, then the forensics tools come in to make sense of it - to see how it happened and drive the plans to make sure it does not happen again. Forensic tools look beyond the event and gather all data relevant to the systems in question.

Q: Is forensics all reactive then?

National Guard Chief Predicts Changes In Training

From time to time GovEvents will come across information we feel our members and audience would benefit from. Here's something we wanted to share:

As some Army National Guard soldiers begin training under a new system that increases the number of days on the range, the chief of the National Guard Bureau predicts "some changes" if the greater demands are not sustainable over the next few years.

In remarks at a March 12 forum hosted by the Association of the U.S. Army's Institute of Land Warfare, Air Force Gen. Joseph L. Lengyel said the Sustainable Readiness Model put in place in fiscal 2017 as a means of reaching a higher level of readiness across all components makes higher training demands on reserve forces. It may not be sustainable for individual soldiers whose "civilian lives won't be able to tolerate it," he said. "I predict there will be some changes."

"Those heavy brigades are going to do 39 days one year, 48 days next year, 60 days in that third year and to sustain that readiness they're going to do 51 days the following year," Lengyel said. "That's a lot of training days. A lot of days."

Getting (Vendor) Certified

We've written before about the importance of certifications for expanding your knowledge base and helping you stand out among competition when looking for new career opportunities. As we highlighted in that post, industry certifications show mastery of a certain skill area from security to project management to database administration. Today we want to highlight the power of vendor-specific certifications for your career.

Much like we wrote about the value of vendor-led events, there is a tangible benefit in being certified in specific technologies as there's no escaping the major technology vendors. Their technology is in place across the government and oftentimes is providing the platform on which entire IT infrastructures are designed. Doing a deep dive and getting certified in a technology that is critical to your agency makes you a key resource for ensuring that the systems that rely on that vendor keep running and evolving.

Based on what we see in the market, here are some recommendations of vendor certifications that can add to your knowledge base as well as your value to current and future employers.

DevOps Shines as Federal IT Modernization Efforts Grow

From time to time GovEvents will come across information we feel our members and audience would benefit from. Here's something we wanted to share:

The Modernizing Government Technology Act (MGT) and other related initiatives are pushing agencies to move away from aging, legacy applications as well as costly, complex software projects. The goal is to have more secure, agile, and cost-effective IT infrastructures replace them.

DevOps, a moniker that is a combination of development and operations, is emerging as an approach that could help Federal agencies modernize and speed new development efforts, especially as they migrate to cloud services. DevOps is a software engineering culture as well as a practice that advocates automation and monitoring throughout the software development lifecycle. It generally pairs development teams with IT operations throughout the development cycle, eliminating the somewhat adversarial role that sometimes has naturally formed in many organizations.