• TREND MICRO
  • ABOUT
Search:
  • Latest Posts
  • Categories
    • Android
    • AWS
    • Azure
    • Cloud
    • Compliance
    • Critical Infrastructure
    • Cybercrime
    • Encryption
    • Financial Services
    • Government
    • Hacks
    • Healthcare
    • Internet of Everything
    • Malware
    • Microsoft
    • Mobile Security
    • Network
    • Privacy
    • Ransomware
    • Security
    • Social Media
    • Small Business
    • Targeted Attacks
    • Trend Spotlight
    • Virtualization
    • Vulnerabilities
    • Web Security
    • Zero Day Initiative
    • Industry News
  • Our Experts
    • Ed Cabrera
    • Rik Ferguson
    • Greg Young
    • Mark Nunnikhoven
    • Jon Clay
    • William “Bill” Malik
  • Research
Home   »   Business   »   DISA approves Deep Security – Federal CISOs need to be hunters, not the hunted

DISA approves Deep Security – Federal CISOs need to be hunters, not the hunted

  • Posted on:April 7, 2016
  • Posted in:Business, Cloud, Compliance & Regulations
  • Posted by:
    Ed Cabrera (Chief Cybersecurity Officer)
0
The government is taking a more involved role in cyber security.

Governments around the world are facing an increasing challenge to contain the threat from  cyberspace. This is especially the case in the U.S.. Director of National Intelligence, James Clapper, is now claiming that cyber attacks have surpassed terrorism to become the number one challenge to national security. With this backdrop, it’s important that the U.S. government have strict security control over what software can run in its IT environments.

That’s why we’re excited that our flagship server security platform Deep Security has met the rigorous process by the Defense Information Systems Agency (DISA) and is now included in the Security Technical Implantation Guides (STIGs). This enables federal organizations operating on the Department of Defense (DoD) networks the ability to utilize the industry-leading protection provided by Deep Security in a compliant manner. And it is further proof that here at Trend Micro we understand the specialized needs of the sector.

From reactive to proactive

As noted in Trend Micro’s “Follow the Data” report, government organizations were the third most targeted, behind healthcare and education, making up 16 percent of all data breaches in 2015.  Prominent breaches included: the State Department, IRS, NOAA, U.S. Postal Service and the Office of Personnel Management (OPM).  This research also noted a clear pattern – while the number of attacks has grown steadily, the level of sophistication and volume of compromised data has grown exponentially.  The top three breach methods include loss or theft, unintended disclosures, and malware attacks, which can be attributed to the growing criminal underground, the thriving deep web and an increase in the skillsets of criminals.

The phrase “wake-up call” has been used heavily in connection with these attacks, but in truth, we should all be aware of the scale and nature of these threats by now. Instead, it’s time to get serious about how we combat them.  To counter an increasingly agile, sophisticated and determined online foe, security professionals need to move from being hunted to being the hunter.  Whether attackers are financially-motivated criminals, nation-state operatives or hacktivists out to cause damage, disruption and negative publicity, we need to contain the threat more effectively.  With better understanding of the enemy, we can transition from a reactive to a proactive stance on cybersecurity.

Security in the hybrid cloud

This isn’t easy, of course, with shrinking budgets, internal skills gaps and strict compliance requirements to meet. Federal CIOs and CISOs are also trying to take advantage of the IT efficiencies of the cloud, which can create additional security challenges. Problems can occur if organizations don’t use cloud or virtual-ready solutions. Traditional security tools can cause system performance issues, fail to spot inter-VM attacks and instant-on gaps, and allow targeted malware to gain persistence inside networks completely undetected.

The truth is that in a cloud-first world, federal IT managers must understand that security is a shared responsibility. While the CSP will take care of security around the physical network infrastructure, it’s down to the customer to protect virtual servers, apps and data – which is exactly what Trend Micro Deep Security was designed to handle. It provides an extensive range of protections including anti-malware; web, email and file reputation; log inspection; file integrity monitoring; vulnerability shielding; app controls and more. It’ll help spot signs of targeted attacks, provide instant-on protection and protect systems from zero day threats, all without affecting system performance. And it can all be managed from a single pane of glass – across physical, virtual, cloud and hybrid environments for maximum efficiency.

To find out more about how Deep Security can help government agencies lock down risk and support compliance, visit http://www.trendmicro.com/us/business/industries/government.

Related posts:

  1. Federal cloud adoption growing, but still bogged down by security
  2. Data security spending lags at federal agencies, IDC report finds
  3. Kundra: Federal government cloud adoption on track
  4. Federal Agencies’ Compliance & Security Streamlined with AWS Quick Start and Deep Security

Security Intelligence Blog

  • Obfuscation Tools Found in the Capesand Exploit Kit Possibly Used in “KurdishCoder” Campaign
  • Mobile Cyberespionage Campaign Distributed Through CallerSpy Mounts Initial Phase of a Targeted Attack
  • Operation ENDTRADE: Finding Multi-Stage Backdoors that TICK

Featured Authors

Ed Cabrera (Chief Cybersecurity Officer)
Ed Cabrera (Chief Cybersecurity Officer)
  • Answering IoT Security Questions for CISOs
Greg Young (Vice President for Cybersecurity)
Greg Young (Vice President for Cybersecurity)
  • How To Be An Informed Skeptic About Security Predictions
Jon Clay (Global Threat Communications)
Jon Clay (Global Threat Communications)
  • This Week in Security News: Skimming and Phishing Scams Ahead of Black Friday and Polish Hacking Team Wins Capture the Flag Competition
Mark Nunnikhoven (Vice President, Cloud Research)
Mark Nunnikhoven (Vice President, Cloud Research)
  • The Shared Responsibility Model
Rik Ferguson (VP, Security Research)
Rik Ferguson (VP, Security Research)
  • The Sky Has Already Fallen (you just haven’t seen the alert yet)
William
William "Bill" Malik (CISA VP Infrastructure Strategies)
  • What Worries CISOs Most In 2019

Follow Us

Trend Micro In The News

  • Trend Micro Takes On Palo Alto Networks With Cloud Conformity Buy
  • Trend Micro Partners with Snyk to Fix Vulnerabilities for DevOps
  • Trend Micro Partners With Snyk To Advance DevSecOps
  • Hackers to stress-test Facebook Portal at hacking contest
  • NEW TECH: Trend Micro inserts 'X' factor into 'EDR' - endpoint detection response
  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © 2017 Trend Micro Incorporated. All rights reserved.