Federal agencies face a different cybersecurity environment today than they did even a few years ago. Threats are becoming much more sophisticated in both their targeting and techniques. State-sponsored adversaries have access to resources that match or exceed the current defensive capabilities of government agencies. At the same time, agencies struggle to protect themselves against some of the most insidious attackers: agency insiders who misuse their authorized access. These changes in the threat landscape require that agency cybersecurity teams adapt their thinking and defensive posture to protect government resources.
In years past, agencies followed a strategy widely adopted throughout the private sector: Create a strong perimeter defense that keeps malicious actors out of the network. That approach is woefully ineffective against today’s threats. The idea of drawing a boundary between networks and labeling them “good” and “bad” simply doesn’t work in an era of cloud computing and a mobile workforce.
This requires a different type of response. Security Management Infrastructure (SMI) provides this capability by allowing agencies to detect and respond to attacks that take place within their environment. This new solution category provides the tools agencies need to deal with sophisticated threats, including malicious insiders.