Mitigating Risk in Aging Federal IT Systems
-
Upload
beyondtrust -
Category
Technology
-
view
190 -
download
1
Transcript of Mitigating Risk in Aging Federal IT Systems
![Page 1: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/1.jpg)
Mitigating Risk in
Aging Federal IT
Shunta Sanders
Sr. Systems Engineer
Federal Division
![Page 2: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/2.jpg)
Today’s Topics
• Federal Cyber
Security Threat
Survey
• Key Strategies for
Securing Aging
Information
Systems
![Page 3: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/3.jpg)
Methodology
• Online survey fielded in
January/February 2017
• 105 responses
• 27 questions
• Limited to:
• U.S. Federal Government
• Mid- to Senior-level IT
Management
• Some Involvement with PAM
![Page 4: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/4.jpg)
What Worries Federal IT Managers
MalwareNation State
AttacksApplication
Vulnerabilities
44%44%45%
![Page 5: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/5.jpg)
What They are Doing to Combat Risks
63%
91%
88%
Privileged
access
management
Vulnerability
patching
Most important in securing information
environment
Nearly two-thirds report less
than fully mature vulnerability
remediation programs
![Page 6: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/6.jpg)
Aging Infrastructure Leads to Costly Breaches
Experienced a
data breach in
the last 6 months
42%
1 in 8 experienced a
breach in the past 30 days
Federal IT systems
experience a breach
every 347 days
Biggest impacts from insider
privilege abuse are lost…
Productivity MoneyReputation
Cost of data breaches across
all Federal IT systems is
$637 Million annually
Breaches Happen
Breaches Hurt
![Page 7: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/7.jpg)
Aging Infrastructure Breeds Risk
Biggest impact of aging
IT infrastructure?
Efficiency ComplianceCyber Risk
81%Say aging IT
infrastructure
impacts risk
61%Say aging IT
infrastructure
is a roadblock
to compliance
![Page 8: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/8.jpg)
Change is difficult, takes time, and cost money
Government employees
have to contend with:
• Mainframes
• Legacy apps
• Aging OS's
• Aging infrastructure
• Limited budget
• Limited staff
• Status quo in thinking
![Page 9: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/9.jpg)
How Can Agencies Address These
Threats?
![Page 10: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/10.jpg)
Manage privileged credentials with
greater discipline, eliminate
administrator rights and enforce
least privilege
![Page 11: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/11.jpg)
Old or new infrastructure, shared
passwords and SSH keys continue to
persist across host systems, databases,
network devices and applications.
![Page 12: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/12.jpg)
Automated Password
Management
![Page 13: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/13.jpg)
Local accounts can create significant risk
with everything from weak password
management to account deprovisioning
backdoors.
![Page 14: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/14.jpg)
Understand and Limit
Privilege Access
![Page 15: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/15.jpg)
Many traditional security tools are
architected for on premise environments.
When extended to the cloud or across
hybrid environments, they leave gaps that
allow for excessive privileged access and
permissions
![Page 16: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/16.jpg)
PAM & VMSSecuring Cloud Assets
![Page 17: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/17.jpg)
Unauthorized installation of software
applications can insert risk into your
environment.
![Page 18: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/18.jpg)
Endpoint
Least Privilege
![Page 19: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/19.jpg)
Given it’s easy access and liberal
governance, systems administrators often
use the sudo command for everyday
commands and tasks- bypassing
organizational policy, network security
and compliance requirements.
![Page 20: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/20.jpg)
Replace Open Source Tools
![Page 21: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/21.jpg)
Isolate legacy systems to reduce
attack surfaces
![Page 22: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/22.jpg)
Often the weak link in the security chain
is remote access by third-party vendors
and contractors
![Page 23: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/23.jpg)
Controlled network
separation and
activity monitoring.
![Page 24: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/24.jpg)
Laptops travel around the world
…clouds stop and start as
needed.
![Page 25: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/25.jpg)
Cycling Passwords on Remote Systems
![Page 26: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/26.jpg)
Improve the maturity of vulnerability
management through automated
patching
![Page 27: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/27.jpg)
With today’s complex
infrastructures how do you know
what’s plugged into your
network- and what risks they
pose?
![Page 28: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/28.jpg)
Discovery and Assessment
![Page 29: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/29.jpg)
Unite threat intelligence from
multiple sources to better
prioritize risks across the
environment
![Page 30: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/30.jpg)
Few vulnerability management
tools extend beyond a data
dump of found vulnerabilities.
![Page 31: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/31.jpg)
Prioritize Remediation Based on Active Applications
![Page 32: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/32.jpg)
Traditional security analytics
solutions struggle to correlate
diverse data to discern hidden
risks amidst the noise
![Page 33: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/33.jpg)
Use Threat Analytics forBetter Decision Making
![Page 34: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/34.jpg)
4 Best Practices to Address Threats
Improve the maturity of vulnerability management through automated patching
Manage privileged credentials with greater discipline, eliminate administrator rights and enforce least privilege
Isolate Systems to reduce attack surfaces
Unite threat intelligence from multiple sources to better prioritize risks across the environment and pinpoint anomalies to identify
patterns indicating malicious activity
![Page 35: Mitigating Risk in Aging Federal IT Systems](https://reader031.fdocuments.in/reader031/viewer/2022022415/5a6506887f8b9aa2548b5f31/html5/thumbnails/35.jpg)
Mr. Shunta Sharod Sanders
Sr. Sales Engineer
BeyondTrust - Federal Division
301-325-0232