Earlier this year, President Obama stated that "cyberthreats pose one of the gravest national security dangers that the United States faces." It's virtually impossible to overstate the threat that agencies face from hackers, insiders, malware and other cybersecurity risk vectors.
The challenge agencies face is massive, and it has inspired a massive response across government. One of the promising strategies that agencies have undertaken is to establish centralized enterprise security operations centers (ESOCs) within cabinet departments to improve their overall security posture.
A key benefit of this strategy is to provide enterprise visibility — the capability to see what is going on throughout dozens of agencies across the department. The view from the top lets security officials see into the activities of vast numbers of users and IT devices.
The National Institute of Standards and Technology released its Cybersecurity Framework in February, laying out a broad plan to defend both public- and private-sector information systems from cyberthreats. The framework establishes five core functions that are intended to "form an operational culture that addresses the dynamic cybersecurity risk." These functions include:
- Identifying IT assets and risks
- Protecting systems and services
- Detecting threats and attacks
- Responding to threats
- Recovering from attacks
Enterprise visibility can help ESOCs achieve these functions.
This provides departments with a greater understanding of their IT environment and security posture — the threats they face, the vulnerabilities they have and the most effective strategies for addressing them. They are deploying a variety of technologies and strategies toward this end.
Tools such as next-generation firewalls and data loss prevention solutions help ESOCs establish a secure perimeter while also securing essential information within an agency's IT infrastructure. They also can provide dashboard features that deliver enterprise visibility.
IT security leaders face a serious challenge in deploying these tools effectively to establish enterprise visibility. It requires collaboration, innovation and perseverance.
But as President Obama has made clear, "America's economic prosperity, national security, and our individual liberties depend on our commitment to securing cyberspace."