Federal Friday - 5.16.14 - Cloudy with a Chance of Insider Threats

Blog Post created by jschim Employee on May 16, 2014

To quote the multi-dimensional, world-renowned lyricist Rebecca Black: "Yesterday was Thursday, Thursday. Today i-is Friday, Friday." With that being said -- welcome to the weekend, Federal friends.


I wanted to start this week off with an article from GCN about government and the cloud. While the cloud trend has steadily increased over the past few years, the demand to bring it on board within the federal space is finally beginning to be viewed as less of a taboo and more of an inevitability. This is especially true as cloud technology, security and employment options change. Through vehicles such as FedRAMP, agencies can select from a set of vetted cloud companies that they can begin to use. In addition (and given the network and budget restrictions), private clouds can also be utilized. You can also segment your network, keeping some aspects on-prem while allowing certain applications and programs to be accessed by the agency at large via the cloud. If you are currently using the cloud (or planning to), then a hybrid format is probably the best way to get buy-in from stakeholders and keep your environment secure. GCN highlights four key security practices which cloud computing can improve:

  1. Detection
  2. Remediation
  3. Prediction
  4. Data and device protection


In other news, somewhere along the seven seas a Navy serviceman decided it would be a good idea to do some work for his other gig, being a cybercriminal, while deployed on the U.S.S. Harry S. Truman. He and a few friends started a group (Team Digi7al) back in 2012 and began a months-long attack spree that eventually ended in June of that same year, when one of their attacks was detected. While folks like me want to scream, "You idiot! You were on a freaking aircraft carrier!," the reality is that not only were certain attacks successful, but they originated from the Navy's network. This most likely isn't the first incident of user risk, and probably won't be the last. Which begs the question: do you know what your users are doing on your network? Do you know if they are using cloud services or other sources to dump data from the net? Do you know who has access to what, and whether those records are up to date? The nature of the beast for the nation's largest employer is the amount of access that takes place in government networks. While managing user access might seem like a bear to take on, the reality is that users are now part of your perimeter, whether you like it or not. Securing this network segment is as critical as securing your endpoints, if not more so. "Cool point John, but I don't even know where to start." You can start right here.


Bruce Campbell just so happens to agree.