Every day the federal government fends off tens of thousands of cyberattacks from adversaries. Some of these attacks are simple – phishing emails aimed at tricking unsuspecting federal employees – to more sophisticated attacks targeting the nation’s most precious data assets.
In the last few weeks of December 2020, a huge security breach was discovered affecting multiple agencies – perhaps the largest ever by a foreign actor. It was accomplished through the supply chain; a supplier of software used to monitor networks around the world. We do not yet know the extent of the damage, but the list of affected U.S. government entities reportedly includes the Commerce Department, the Department of Homeland Security, the Pentagon, the Treasury Department, the U.S. Postal Service and the National Institutes of Health.
In addition, many private companies in government, consulting, technology, telecom and other entities in North America, Europe, Asia and the Middle East may have also been victims of this attack. Protecting from cyber criminals and spies isn’t easy, but increasingly important as more and more information goes digital.
When you think about the mission of the federal government, agencies host the personal information of every man, woman and child in the country, financial data, information related to national security and nearly everything in between. The government presents a treasure trove of information that hackers want.
To fight back, government agencies use cybersecurity tools. As hackers get more sophisticated, so do the tools to stop them. Agencies need to protect data at every stage of its life from the moment it’s collected, to when it’s transmitted, to where it’s stored and finally until it’s deleted. At NITAAC, we understand this challenge. More importantly, we understand the technology agencies need to keep their information secure.
As the federal government has unfortunately learned, keeping information safe can be costly and difficult, but failure to do so is catastrophic.
Looking at Cyber Solutions
Agencies have a wide variety of cyber solutions to choose from that help protect data at different stages. While there are many different systems, they all have the same goal: To provide agencies visibility into what is happening on their networks and alert technology leaders of suspicious behavior.
Here are some popular forms of cybersecurity technology:
Artificial Intelligence (AI) and Machine Learning (ML). The newest cyber tools use behavior analytics to stop bad actors in their tracks and prevent sensitive data from falling into the wrong hands. These end-to-end analytics work across data environments to identify and stop threats to network traffic, files and devices, leveraging user behavior analytics that get smarter over time. AI and ML provide complete visibility for proactive threat detection, real-time threat assessment and risk management.
Intrusion detection and prevention systems. Known as IDS and IPS tools, these help IT staff identify and protect networks against several security threats and have become more popular as government networks have grown in complexity. Both IDS and IPS solutions detect threats in the form of malware, spyware, viruses, worms and other attack types, as well as threats posed by policy violations. IDS tools monitor and detect suspicious activity; IPS tools perform active, in-line monitoring to prevent attacks by known and unknown sources. Both tool types identify and classify attack types, improving overall security.
Anti-malware. Anti-malware tools help administrators identify, block and remove malware. Malware’s primary purpose is to look for network vulnerability, especially in security defenses, operating systems, browsers, applications and popular targets such as Adobe Flash, Acrobat and Reader. Best practices call for a multipronged defense that might also include IP blacklisting, data loss prevention tools, anti-virus and anti-spyware software, web browsing policies, egress filtering and outbound-traffic proxies.
Mobile device management. Also called MDM, these solutions allow administrators to remotely monitor and control security configurations on mobile devices. This enables employees to work remotely on agency-approved devices, with leadership knowing these devices are secure because they are always managed.
Network access control. These products enforce security policy by granting only policy-compliant devices access to network assets. They handle authentication and authorization functions and control user specific data, ensuring that users meet a certain safety standard before they can access information.
Next-generation firewalls. The technology beyond the traditional firewalls has expanded. Next-generation firewalls provide enhanced network security services, including application visibility and control, along with web security essentials.
Authentication and authorization. Traditional directory-based services authenticate users and grant access based on authorization rules. Newer identity-based security technology use methods such as digital certificates and public key infrastructure — solutions that provide an extra layer of security.
Zero Trust architecture: One new model you hear about often is zero trust, a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters. Instead, they must verify and validate everyone and anything trying to connect to its systems before granting access. According to NIST, zero trust is an “evolving set of network security paradigms that narrows defenses from wide network perimeters to individual resources.” Agencies like the Small Business Administration, the Department of Education and the Defense Information Systems Authority are already moving forward with test pilots and network models that will help pioneer this space for other federal agencies.
The NITAAC Difference
As technology continues to evolve, cyber threats evolve along with it. Cyber criminals look for new ways to attack systems and agencies. NITAAC offers an array of cybersecurity services and solutions through our Best in Class GWACs. The CIO-SP3 and CIO-SP3 Small Business GWACs have Task Areas specific to cybersecurity, such as Task Area One (IT Services for Biomedical Research, Health Sciences and Healthcare), Task Area Three (Imaging) and Task Area Seven (Critical Infrastructure and Information Assurance).
Cyber technologies run the gamut and our pool of pre-vetted Contract Holders offer just about everything you can imagine. Procuring these technologies can be difficult for agencies whose procurement officers are not versed in cybersecurity. Pricing, service agreements and other considerations must be worked out in advance, and not knowing what you don’t know can be risky.
This isn’t the case at NITAAC. We regularly do cyber procurements, know the prices other government agencies are getting and efficiently negotiate on your behalf. We know how to mitigate risks by assessing service agreements that best serve your agency. Armed with both knowledge and our GWACs, we can procure better technology in a shorter time frame, helping you achieve your mission faster, more effectively and more securely.
Our goal is to help government partners get cyber tools, solutions and services in an expedited timeframe, at a competitive price, with less risk than is typical with in-house contracting offices.
Cybersecurity is a necessary investment for government agencies. Technology has provided new ways for government agencies to work, interact with citizens and improve overall operations. NITAAC has the right Contracting Officers and solutions in place to ensure agencies can accomplish their missions, knowing their people, data and networks are safe and secure.
To learn more about NITAAC’s cybersecurity solutions, visit our Solutions Showcase and see how Mantech, Smartronix, Unysis, iGOV and other Contract Holders are developing innovative cybersecurity solutions for federal agencies.