2 minute read
3 Ways to Continuously Progress on Security
An interview with Tad Northcott, Plan Executive, Navy and Marine Corps; Dave Deppisch, Market Leader, Navy, Marine Corps, Air Force and the Defense Information Systems Agency; and Glenn Jensen, Software Account Executive, Insight Public Sector
When it comes to security, agencies are used to doing more with less. Not only can budget constraints limit options, but priorities can shift and talent can grow scarce. No matter the obstacle, even one roadblock can impede meaningful security advancements.
Advertisement
But what happens when today’s cyberthreats evolve and agencies cannot keep up? Too often, the result is a costly and humiliating security incident. To prevent this, agencies need the ability to continuously refine their security capabilities and defenses.
“The bad guys never stop,” said Glenn Jensen, Software Account Executive at Insight Public Sector, a business-to-business and IT solutions provider. “Cybersecurity requires us to continually progress and improve.”
The Insight Public Sector team shared three steps agencies can take to keep their security ready for anything:
1. Assess security capabilities
Agencies frequently do not know the state of their security personnel, processes and tools. By having a trusted vendor assess their capabilities, agencies can pursue goals that elevate their overall security agencywide.
“You can evaluate your current state and then move up the stairs to the state you want to get to,” said Dave Deppisch, Market Leader, Navy, Marine Corps, Air Force and the Defense Information Systems Agency (DISA).
For instance, a vendor assessment can tell agencies how prepared their operations are for zero trust security. Zero trust security involves distrusting all computing entities, so agencies may need to ready their devices, users and other assets before adopting such a dramatic shift in security strategies.
2. Leverage continuous monitoring
Continuous monitoring is a vital component of zero trust security because it detects changes to agencies’ IT environments in real time. Whether it is an emerging threat, vulnerability or compliance issue, continuous monitoring makes sure agencies are always informed about their security landscapes.
“Annually, lots of agencies scramble to prepare for cybersecurity inspections,” said Tad Northcott, Plan Executive, Navy and Marine Corps. “With continuous monitoring, they’d know where they are before an annual review.”
3. Add multifactor authentication
Multifactor authentication (MFA) is another tool that agencies are increasingly leaning on for their security needs. When users approach agencies’ sensitive data and other assets, MFA asks them for at least two pieces of proof to confirm their identities, such as a birthplace, fingerprint or something else.
All agencies have unique goals, but IT providers like Insight can assist them by identifying their potential security gaps. Insight can then provide agencies with specific tools — such as continuous monitoring and MFA solutions — that can meet their mission demands.
“What agencies have told us is that they want to leverage private-sector best practices,” Jensen said. “Our goal is to help them meet that need.”