Members of the WVNG collaborate on a scenario inject during a simulated cyberattack as a part of Locked Shields 2022 . Photo by Maj . Holli Nelson .
Ops — development , security and operations — which is an approach to culture , automation and design that integrates security as a shared responsibility throughout the entire IT lifecycle ,” Desai says . “ All our system development requires a DevSecOps approach . Without proactive planning and design , the systems will be left vulnerable at some point during the lifecycle .”
According to Guenther , Leidos is leading modernization efforts to transform a number of federal security operations centers into security intelligence centers .
“ Leidos provides security solutions , incident response and engineering services to help defend against emerging cyberattacks ,” she says .
Cultivating a culture of cybersecurity awareness is prioritized at Leidos and includes annual user trainings , periodic phishing testing and reminders to keep security at the front of mind . Millions of dollars are also being invested in internal research and development around assessing and implementing zero trust principles for the company and its customers ’ work environments .
“ We readily provide our customers with access to our zero trust lab and share analyses of alternatives across many common secure access service edge providers ,” says Guenther .
According to Hargis , all businesses can take a proactive approach among their own employees by remaining vigilant in providing cybersecurity user training , investing in cybersecurity programs and ensuring mission essential data is consistently backed up off-site to ensure data loss can be recovered . The time to be cognizant of your organization ’ s cyber risk posture is before experiencing a cyber incident , not after .
“ Organizational management will see a return on investment and some cost savings during an incident by exercising both a most likely and most dangerous cyberattack scenario to their infrastructures , paired against techniques a reasonable threat actor would take ,” Keber says . “ Planning for and developing the list of questions that will be asked by a response team during a cyber incident will help an organization apply limited and precious resources to key segments and devices or areas of the network to ensure business operations continue .”
52
WEST VIRGINIA EXECUTIVE