Innovation in Government Report

Agencies need to repair, replace their fractured cyber infrastructure

Chris Townsend, the vice president of federal at Symantec, said the IT modernization initiative opens the door for agencies to relook at how they protect their systems and data.

August was the four year anniversary of the Homeland Security Department’s continuous diagnostics and mitigation (CDM) program. In 2013, DHS and its procurement partner the General Services Administration awarded 17 vendors a spot on the $6 billion contract to move agencies toward a real-time, proactive cyber posture.

Around the same time, the Office of Management and Budget issued new Federal Information Security Management Act (FISMA) guidance requiring agencies to move to continuous monitoring of systems by 2017.

So as agencies enter into fiscal 2018 and there are only a few months left in calendar year 2017, the struggle to meet these goals is obvious.

DHS and GSA recently announced a change in approach to CDM, using the governmentwide contract for IT services called Alliant and eventually Alliant 2 for future cyber work.

For some agencies, FISMA is no longer a compliance exercise, but a guiding principle to manage risk. For others, it’s harder to get off the FISMA train where they are reviewing systems on an infrequent basis.

While CDM and continuous assessments under FISMA have fallen short of expectations, agencies are in a better place when it comes to cybersecurity than ever before.

Through OMB’s 2015 cyber sprint, agencies know where their high-valued assets are. They have reduced the number of system administrators, and now most require two-factor authentication to log into the network.

And maybe most importantly, federal senior leadership remains involved, engaged and concerned about a possible cyber attack. The WannaCry threat from earlier this summer was a perfect example of just how far agencies have come since the 2014 Heartbleed attack. There is much more coordination, understanding and immediate response to the threat.

Chris Townsend, the vice president of federal at Symantec, said these initiatives have made a difference, but because of the fractured natured of agency cyber tools and IT networks, cybersecurity remains a huge challenge.

“The feedback I get from agency heads is they have too many tools. Those tools duplicate multiple capabilities, multiple functionality and they overlap. None of those tools integrate and none of the those tools have any automation so that requires human intervention then to integrate all of those systems, to process all of that data and take action against malicious actors,” Townsend said on the Innovations in Government show. “Our bad actors are more sophisticated and are more agile than ever. We can’t rely on human intervention to do that. We really need systems that are standards based, integrated and can take automated action in real time action to get ahead of them.”

Townsend said one solution to these challenges lies in the move to the cloud.

He said while the cost savings, flexibility and agility of the cloud are huge benefits, it’s the changes to security that will help agencies the most.

“We need to extend our security posture from on-premise to the cloud and get away from this hard perimeter approach that we have to security, and build an extensible platform that will both provide a standardized approach to security on-premise and in to the cloud by securing the data itself and tying the security posture to the individual whether the individual accessing the data from on-premise or accessing it remotely…on a non-government-owned device,” Townsend said.

Over the years, agencies have moved through a number of cyber trends: defense in-depth, vendor in-depth and tool du jour.

“We have an opportunity with the IT modernization initiative as part of the [cyber] executive order to take a step back and start to build out a more proactive security architecture, build from the ground up,” Townsend said. “We can build a reference architecture that ties to the mission initiatives of the agency. By doing that, we will realize tremendous cost savings in terms of operational efficiency, in terms of interoperability, in terms of needing less people to maintain that security environment and that will offset the cost of reducing the tools.”

Townsend said the CDM program and the OMB cyber sprint helped initiated some of the changes at agencies both in terms of interoperability and understanding the networks better.

“We have to make sure we are prioritizing our security investments around our most critical data. Now that we know what that data is, we have to start to assign or quantify a value to that data,” he said.

As agencies continue down the path of improving their cybersecurity, Townsend said the future should include three focus areas.

He said agencies need to cyber reference architecture where they map their technology needs to the mission objectives.

“Security is more an enabling technology than it has ever been,” he said. “If are planning to go to the cloud or shared services, you have to understand where responsibility begins and ends in terms of your data protection, and have  cyber plan that helps you get you there. That will help you with ensuring you are not over-buying tools and building in complexity.”

The second is agencies should buy and build to an integrated platform based on standards that would force the vendor community to drive interoperability and automation.

Finally, Townsend said it’s all about protecting the data.

“We need to make sure we are quantifying the value of the data and understand where our most critical data lives,” he said. “We are building a cyber risk mitigation strategy where we are aligning our scarce cyber resources whether those are dollars, tools or people against our most critical data because we can’t secure everything.”

 

About Symantec

Symantec Corporation, the world’s leading cyber security company, helps organizations, governments and people secure their most important data wherever it lives. Organizations across the world look to Symantec for strategic, integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure. Likewise, a global community of more than 50 million people and families rely on Symantec’s Norton and LifeLock product suites to protect their digital lives at home and across their devices. For additional information, please visit www.symantec.com or connect with us on FacebookTwitter, and LinkedIn.

 

Resource Center

 

Host

Jason MillerJason Miller

Jason Miller is a reporter whose work focuses mainly on technology and procurement issues, including cybersecurity, e-government and acquisition policies and programs.

 

Guest

Chris Townsend, Vice President, Federal, Symantec

Chris Townsend is the Vice President of Federal at Symantec. Chris leads a team of more than 100 people to develop and recruit the best talent in the industry, while ensuring the team aligns to the needs of Symantec’s customers and partners. With nearly 20 years of industry experience, he has a solid track record of improving the nation’s security posture by partnering with Federal agencies to address cyber threats and provide effective and reliable solutions.

Prior to joining Symantec in 2017, Chris’s information security and technology experience has included senior leadership roles at Blue Coat Systems (acquired by Symantec), Intel Security, Stonesoft (acquired by Intel Security), and as a regional sales manager with Cisco Systems. Chris holds a Bachelor of Science degree in Accounting from the State University of New York College at Plattsburgh. He lives in Purcellville, Virginia, along with his wife and two children.