While we eagerly await the government’s 30-day cybersecurity sprint report, it is important to remember that large federal agencies such as OPM aren’t the only ones susceptible to cyberattacks. State and local governments handle and collect confidential data just as frequently as federal agencies, which makes them attractive targets for cyberattackers. As the feds search for answers in the wake of OPM, state and local governments should likewise be reevaluating their cybersecurity approaches.
A lot of talk around cybersecurity focuses on improving data encryption, password protection and authentication practices. But one of best, and most underutilized, security resources in government is the data already being collected and the insights that information contains. State and local governments need to start embracing new solutions with comprehensive data and behavioral analysis capabilities, which are becoming increasingly important to effectively detect and combat cyber threats.
The Institute for Critical Infrastructure Technology recently published a report that stated legacy technologies were a big problem for OPM. Further, the Institute’s report notes that having a behavioral analytics system to track user activity as a security measure would have benefited OPM. This is something Splunk is highly invested in following its acquisition of Caspida earlier this month. Splunk now incorporates machine learning and behavioral analytics to detect unpredictable insider threats, like compromised credentials.
Investment in enterprise analytics platforms can enable both proactive threat detection and defensive mitigation, as well as support real-time response to breaches. John Zarour, director of state and local government and K-12 for Splunk, discusses these issues and more in a recent GCN article. It’s a quick read that offers some good insights state and local IT leaders would be wise to pay attention to.
Security Evangelist and Senior Product Marketing Manager