Every day the federal government fends off tens of thousands of cyberattacks from adversaries. Some of these attacks are simple – phishing emails aimed at hopefully tricking an unassuming federal employee – to more sophisticated attacks targeting the nation’s most precious data assets.
Protecting federal agencies from cyberattack is not an easy job, but an incredibly important one as more and more information goes digital. When you think about the mission of the federal government, agencies host the personal information of every man, woman and child in the country, financial data, information related to national security and nearly everything in between. The government presents a treasure trove of information that hackers want.
To fight back, government agencies use cybersecurity tools. As the hackers have gotten more sophisticated so have the tools to stop them. Agencies need to protect data at every stage of its life from the moment it is collected, to when it is transmitted, to where it is stored and finally until it is deleted. At the NIH Information Technology Acquisition & Assessment Center, we understand this challenge. More importantly, we understand the technology agencies need in order to keep information secure.
As the federal government has learned in recent years, keeping information secure can be difficult, but failure to do so can be catastrophic.
The OPM Breach
The federal government learned how important cybersecurity can be in 2014. In March of that year, the Office of Personnel Management, which hosts the personal information of all federal employees and anyone that has applied for a job with the federal government, was breached.
While much has been written about the breach and the reasons it occurred, the end result is still staggering: More than 20 million people had their information compromised. The federal government paid for free credit monitoring for each of the victims to help remedy the situation. Congress, the FBI and the GAO investigated the breach and Katherine Archuleta, the director of OPM, resigned following the incident.
The lesson here for agencies today is that cyberattacks do happen and they can be incredibly damaging. To prevent such attacks, agencies need to consistently invest in cybersecurity challenges, something we here at NITAAC can help you procure.
Looking at Cyber Solutions
Agencies have a wide variety of cybersecurity solutions to choose from. When brought together, these cybersecurity solutions help agencies protect their data at the different stages of its life. That includes when the data is first collected, when it is transferred between different systems and users and during storage until it is deleted.
While there are many different systems they all have the same goal: To provide agencies visibility into what is happening on their computer networks and to alert technology leaders of suspicious behavior.
Here are some popular forms of cybersecurity technology:
Artificial Intelligence (AI) and Machine Learning (ML). The newest cyber tools use behavior analytics to stop bad actors in their tracks and prevent intellectual property and sensitive data from falling into the wrong hands. These end-to-end analytics work across data environments to identify and stop threats to network traffic, files and devices, leveraging user behavior analytics that get smarter over time. AI and ML can now provide complete visibility into user behavior for proactive threat detection, real-time threat assessment and risk management.
Intrusion detection and prevention systems. Known as IDS and IPS tools, these can help IT staff identify and protect their wired and wireless networks against several security threat types. These technologies, like other network security tools, have become more popular as government networks have grown in complexity. Both IDS and IPS solutions detect threat activity in the form of malware, spyware, viruses, worms and other attack types, as well as threats posed by policy violations. IDS tools monitor and detect suspicious activity; IPS tools perform active, in-line monitoring and can prevent attacks by known and unknown sources. Both tool types can identify and classify attack types, improving overall computer security.
Anti-malware. Anti-malware tools help administrators identify, block and remove malware. Malware’s primary purpose is to look for network vulnerability, especially in security defenses, operating systems, browsers, applications and popular targets such as Adobe Flash, Acrobat and Reader. Best practices call for a multipronged defense that might also include IP blacklisting, data loss prevention tools, anti-virus and anti-spyware software, web browsing policies, egress filtering and outbound-traffic proxies.
Mobile device management. Also called MDM, these solutions allow administrators to remotely monitor and control security configurations on mobile devices. This allows employees to work remotely on agency-approved devices, but leadership can know these devices are secure since they can manage them at all times.
Network access control. These products enforce security policy by granting only policy-compliant devices access to network assets. They handle authentication and authorization functions and can control the data that specific users access, ensuring that users meet a certain safety standard before they can access any information.
Next-generation firewalls. The technology beyond the traditional firewalls has expanded. Next-generation firewalls provide enhanced network security services, including application visibility and control, along with web security essentials.
Authentication and authorization. Traditional directory-based services authenticate users and grant access based on authorization rules. Newer identity-based security technology uses methods such as digital certificates and public key infrastructure solutions that provide an extra layer of security on top.
The NITAAC Difference
With technology constantly evolving, Cybersecurity threats become more and more of a concern. Cyber criminals are constantly developing new ways to attack systems and the agencies that host them. NITAAC offers an array of Best in Class cybersecurity services and solutions through our GWACs. The CIO-SP3 and CIO-SP3 Small Business GWACs, in particular, have specific Task Areas where you can fulfill the need for cybersecurity solutions, such as Task Area One (IT Services for Biomedical Research, Health Sciences and Healthcare), Task Area Three (Imaging) and Task Area Seven (Critical Infrastructure and Information Assurance).
Cybersecurity technologies run the gamut and our pool of pre-vetted contract holders offer almost all of them. Procuring these technologies, though, can be difficult for some agencies as procurement offices not versed in cybersecurity might find it challenging to get fair prices.
This is not the case at NITAAC. Since we regularly do these types of procurements we know the different prices other government agencies can get and can negotiate on your behalf to get the best deal. With our GWACs, we can procure technology in a shorter time frame, as well.
Our goal is to help our government partners get their information technology solutions and services in an expedited timeframe at a competitive price that is typically lower than in-house contracting offices.
Cybersecurity has proven to be a necessary investment for government agencies. Technology has provided new ways for government agencies to work, interact with citizens and improve overall operations. NITAAC has the right cybersecurity solutions in place to ensure agencies can accomplish their missions knowing their information is protected.
To learn more about NITAAC’s cybersecurity solutions, visit NITAAC Task Area-Cybersecurity.