Intelligent CXO Issue 08 | Page 15

TECH TRENDS
What can government agencies do to defend themselves against such attacks ?
While public and private sectors have some differences when it comes to issues such as disclosure and confidentiality , the basis is the same .
At the core is user education . Helping government employees understand good cybersecurity hygiene is essential .
With the vast majority of office-based government employees working at home , agencies need to focus on the basics of identity management ; implementing Zero Trust in order to protect networks from untrusted users , devices , applications and network connections and ensuring that data is protected from unauthorised egress and access .
For those governmental agencies without existing threat intelligence capabilities , now would be a good time to invest in a comprehensive programme that includes a mix of traditional data feeds , specialised feeds focusing on specific requirements for a given agency , an Open Source Intelligence ( OSINT ) feed and greater emphasis on understanding the threat intel an agency already is generating from its existing SIEM systems and related log systems .
Government agencies should also take advantage of several emerging technologies to further enhance their existing security policies .
For example , Security Orchestration , Automation and Response ( SOAR ) enhances the speed and reliability of existing operations .
For cloud-based operations , a Cloud Access Security Broker ( CASB ) is on-premises or cloud-based security policy enforcement placed between cloud server consumers and providers . It interjects enterprise security policies as cloudbased assets are accessed .
Continuous management and monitoring add another dimension to protecting government networks . As a key target of bad actors and www . intelligentcxo . com
15