Virginia spends $220 million on end-user hardware, print services
September 25, 2018
Two final contracts under the state's new multi-vendor IT sourcing model prepare the state for a transition the technology agency has been working on since 2015.
Sponsored Content: Report urges agencies to look beyond traditional security technologies and capture four key sets of data to improve their overall security posture.
As government agencies come under increasing cyberattacks, reliable central logging can help IT leaders more quickly understand the full extent of a breach and act quickly before serious damage occurs, according to a recent report.
The report, published by Splunk, focuses on the security posture an organization needs to establish to be able to handle threats and defend assets — and outlines four ways central logging data can improve an organization’s posture. Security posture is a measure of the effectiveness of procedures and controls that protect an agency from internal and external cyberthreats.
“The broader the visibility into security posture, the more context security teams can gain to make better decisions on how to best respond,” the report states.
The report highlights how an agency can ensure it is improving its security posture by:
Security teams can understand more easily what is happening across the environment when they start with these four basic data sources.
As an agency assesses its security posture, bringing multiple logs into a central location is a common approach which will make all relevant data available in a reliable location for a security team to access.
Leveraging insights from central logging and other machine data is a critical step toward gaining visibility across a multi-layered security environment.
The challenge stems from the limited view security technologies alone offer of an attack’s activity. The view would be dependent on where the technology is deployed, whether on an agencies network or its endpoint devices. Additionally, a lot of relevant data can be contained on non-security devices throughout the agency — such as servers, identity infrastructures and applications.
Agencies that prioritize having visibility across all their IT systems and digital assets will be able to have end-to-end visibility of an attack’s activities, and effectively mitigate the components of the threat.
Using security posture insights to analyze overall risk and applying best-practice methods will focus an agency’s IT security team in where to focus their investigations and improve the durability of an agency in the face of a cyberattack.
This article was produced by StateScoop for, and sponsored by, Splunk.