A Public at Risk

U.S. Federal Government agencies, infrastructure, and key resources of national interest are under a constant barrage of cyber-attacks. Suddenly, risk escalates from possible monetary loss to an even more devastating possibility.

Our adversaries range from foreign actors and organized crime to hackers and activists. Their motivations include espionage, compromise of critical infrastructure, crippling our defense capabilities, the theft of secret and sensitive data, and profiteering.

The service interruptions and security failures they can cause are terrifying - a single compromise can disrupt utility, transportation or emergency services for millions. These adversaries are formidable and highly motivated, employing unconventional tools and methods that include powerful botnets, social engineering and sophisticated malware. And, they have the advantage of knowing where, when and what to strike.

From Enemies Foreign and Domestic

And while the media promotes risk from external threats, the theft of sensitive data from insider threats is also ever-present, growing, and seriously endangering national security. With only a few keystrokes from an employee or authorized user accessing a network from virtually anywhere, terabytes of sensitive or classified information can be transferred to exploitive or enemy hands.

This isn't due to a lack of intelligent people or investment in technology, today’s security simply falls short. A new approach is necessary to fill in the gaps and illuminate the areas where sophisticated threat actors are able to exploit current security measures.

To counter cyber incidents, whether human or nation-state sponsored espionage, data breaches and advanced persistent threats, government agencies must fill the hole left by antiquated firewalls, intrusion detection systems, antivirus, and Web gateways. These tools react primarily on rules and signatures, and are no match for well-funded adversaries employing a new generation of dynamic, stealthy technology.

With Government Constrained

In contrast, our government and cyber defense posture is disparate, lacks cross-agency collaboration and relies on outdated, outmoded security systems and approaches. Yet these same agencies are accountable to the citizens for safekeeping civic interests.

That makes delivering effective and efficient network and security management a major challenge. Government organizations play an essential role in protecting critical infrastructure and confidential governmental records. Military and intelligence agencies routinely handle classified information that in the wrong hands could do serious harm to the nation. IT network and security teams at the federal, state, and local levels must respond rapidly to incidents, keeping systems operational, monitoring for malicious material and information, and maintaining confidentiality.

And they must ensure the highest levels of performance in an increasingly open environment, one that provides streamlined access to contractors, other agencies, and commercial businesses and individuals. All while being faced with considerable constraints in staff, financial resources, and technology.

The Threat Grows Stronger

In order to ensure a higher degree of governance over the nation's virtual assets, intellectual property, and intelligence, the government has issued mandates for procedural obligations that regulate safekeeping and responsible ownership. The Federal Information Security Management Act, President's Management Agenda, and the National Strategy to Secure Cyberspace are just a few of the initiatives taken by the government of the United States to maintain security and performance of classified information networks.

But currently deployed countermeasures have often failed to protect, defend and respond to threats. The result has been data breaches at several high profile government agencies - some on a dangerously large scale.

In fact, over the last few years, state and non-state sponsored cyber threats to government networks have increased exponentially in terms of facing capability and effectiveness. U.S. federal agencies were disproportionately targeted in 2010, according to the Office of Management and Budget (OMB), 39% more cyber incidents than in 2009. And there is every indication the trend is increasing.

Protection Is Coming

But a radical new approach to defeating the threat of human and state-sponsored cyber terrorism - and all potential for disruption and chaos it can cause our national security - is about to become available. It's real-time visibility - visibility that will allow response, in real time - whenever, wherever and however your network is being compromised.

And ISC8 is the company that will deliver it.