Cybersecurity is not only central to day-to-day IT operations for CIOs. It is increasingly at the core of how effectively agencies and their top leaders can consistently deliver on their missions and business objectives.
That’s why adhering to proven methods of cybersecurity hygiene practices is so important, argues Ralph Kahn, vice president of federal business for Tanium, which specializes in tools and services that provide real time network visibility.
“The state of art,” surrounding cybersecurity, “has been about compliance,” said Kahn, in an interview with FedScoop. But traditionally, compliance was verified on an annual basis.
“Once a year is not good enough,” he said, noting that the most successful operations in reducing their risks from cyber attacks are those that look at compliance on a daily basis, and focus on a core set of fundamental practices.
Kahn highlighted five of those practices in this podcast interview and provided illustrations of how federal agencies are seeing the benefits. Among his recommendations:
1. Start with an accurate baseline. The first place to get started is by assembling an accurate baseline of your systems, then look at that baseline on a daily basis, because things change constantly.
2. Look at your ratio of managed-to-unmanaged assets. If you’re not managing all your assets, and ensuring they’re in compliance, you really don’t know what’s going on across your systems. “You could be out of compliance – and creating opportunities for an adversary to breach your environment,” he said.
3. Look at your patch process. How long does it actually take from when you decide you need a patch to implementing that patch across your entire environment – and if need be, to roll it back? “Those things should be measured in minutes or hours, not weeks or months. If you can do that, you significantly increase the pace at which you harden the target.”
4. Know which systems are compliant. You should know the number of systems that meet compliance targets, and how often. “Ideally, you should be compliant every morning when you walk in the door. That’s a big stretch for a lot of organizations, admittedly, but that ought to be the goal.”
“It’s not just important to measure. It’s important to measure and take action and do it on a more frequent basis,” he said.
Kahn said agencies don’t necessarily need more people to increase the frequency of security monitoring and response. “If you give people accurate information in a timely fashion, they can begin moving up the value stack and doing better analysis,” he said.
“It used to be, to have more cybersecurity, you had to spend more money. Now, that equation has changed – Tanium has fundamentally changed that equation,” Kahn said.
This article and podcast were produced by FedScoop for, and sponsored by, Tanium.