Security / March 23, 2017

Modern Cyberwarfare: Streamlined Security Solutions for the Public Sector

For those unable to attend the Public Sector Breakfast Session last month at RSAC 2017, I’m sorry. Not only did you miss out on some righteous Rishi tea and a mean cranberry coffeecake, but, more seriously, the opportunity to hear an expert-led discussion on streamlining security solutions for the public sector.

As we know, the public sector is no stranger to provocative headlines on hacking scandals, fierce battles for cyber talent, and other cybersecurity-related challenges. What this says, ultimately, is that it’s more important than ever for federal, state, and local government and education teams to focus their resources on solutions that unify and strengthen their entire—physical, virtual, and cloud—cybersecurity operations.

Gigamon Federal Cybersecurity Breakfast at RSAFollowing a brief introduction from Gigamon VP of Public Sector Sales Dennis Reilly, Gigamon VP of Product Line Management Ananda Rajagopal kicked off the morning with a discussion on cybersecurity best practices and how continuous visibility can help federal agencies protect more proactively. No longer is a prevention enough; it must be complemented, in a more modern security framework, with methods for prediction, detection, and response.

Next up, Gigamon CISO and Security Fellow Simon Gibson led a panel of security pros, digging for insight into their experiences with public sector cybersecurity:

  • FireEye VP/Global Government CTO Tony Cole
  • Tenable Federal Technical Director John Chirhart
  • Palo Alto Networks Federal Engineering Director Mike Ward
  • Gigamon Sr. Solutions Engineer Michael Whitaker

First question, what are you hearing from customers?

Recapping a recent conversation with a military customer, Cole said teams are looking, more and more, to move everything to the cloud, have everything as a service so they can focus on their core competencies and mission.

With a vivid comparison to stained glass, Chirhart said his customers are looking for a way to de-dupe their window infrastructure. Instead of having to go here and there across disparate sources for data, they want a single pain of glass. Ward agreed, adding another analogy about how security tools are like wedding invitations—they only grow, they never shrink—and how ad hoc additions are now causing indigestion in the sense that shrinking staffs can’t absorb anything else and need to start consolidating efforts in order to remain productive.

Talent retention is a big issue. What can help?

Chirhart said that automation and orchestration are key to driving efficiency, but require adequate planning to understand workflow. He half joked that the most dangerous thing is to have money; without it, organizations will often take more time to plan.

Let’s talk more about the cloud.

Cole said he’s had customers, both government and commercial, either outsourcing with managed services or implementing a hybrid model whereby they retain internal 9-to-5 talent and outsource after hours to avoid analyst burnout.

Most see the cloud as an enabler, said Ward, with the promise of making traditional workloads more responsive. But with it comes complexity in terms of security. Whitaker agreed, saying it’s a question of getting adequate visibility into what’s going to and what’s in the cloud.

In other words, plan, plan, plan.

Yes, said Cole. Doing more with less isn’t going away, and sufficient planning is key to success. Plan, measure, and don’t spend more than you need to. Optimize your environment and identify and focus on assets that enable your mission and need the most protection.

In terms of quantifying what’s vital to the business, Chirhart added that it’s great to be able to do something yourself, but also important to recognize when it may be more efficient to pay an expert to do if for you.

Don’t forget to check back often for related blogs. There’s much more to come from Gigamon for the Public Sector, including our 2nd annual Government Cybersecurity Summit on April 26 in Washington DC, featuring a keynote from General James Clapper, former Director of National Intelligence.

Back to top