By Dick Stark
RightStar and BMC last month sponsored a federal IDG survey to better understand different agencies’ maturity with processes for cyber remediation, and to uncover additional capabilities that they would find valuable in taking a more proactive approach to cybersecurity. The survey was fielded in the US from November 28 to December 12, 2018 and consisted of 100 qualified completes. Here are the highlights.
The top cybersecurity goal for Federal organizations is to take a more proactive approach toward addressing vulnerabilities. When a security incident occurs, the most common response is the “swivel chair” approach where the Operations or Security teams use network management/analysis software, scanning tools, and eventually remediation software to analyze and fix the problem. The overarching objective, of course, is to prevent the incidents from occurring in the first place.
Government organizations have some ability to map vulnerabilities to critical or non-critical applications, but less than half (43%) are able to do so to a great extent. The increasing popularity of application discovery and dependency mapping tools such as BMC Discovery, illustrates that agencies are becoming more and more proactive about addressing vulnerabilities long before they happen. For example, BMC Discovery can map out which applications or business services run on which servers and network devices, or identify blind spots—servers and network devices that are not visible to the vulnerability scanner and are therefore not scanned. This operational intelligence makes security analysis faster, more accurate, actionable, and proactive to help organizations better manage and mitigate risk.
Reduce security technology and tool complexity. The survey found more than 100 tools in use in the following categories: Automation, Reporting, Remediation, Process Management, Scanning, Analysis, and Data Aggregation. Combining scalability and flexibility along with compliance regulations, and an increasing multi-cloud environment, means that finding the right tool fit can be a Herculean challenge.
TrueSight Operation Management, combined with TrueSight Vulnerability Management, is BMC’s “manager of mangers’ solution providing a single pane of glass approach across multiple domains. By integrating with other automation and scanning tools such as Rapid7, Tenable, and Qualys, teams can quickly consume scans and automatically tie vulnerabilities to known remediations.
Interestingly, last week we had a conversation with a DOD lead architect for the fourth estate, an effort to consolidate services from 16 DOD organizations into one, with 430 sites, and more than 500,000 employees. The DOD CIO’s mandate is to reduce the DOD data center foot print, and streamline cybersecurity infrastructure. It is therefore no coincidence that the DOD understands the importance of fit and function, as they move towards a standardized DOD security / operations tool platform.
Watch this blog site for a new whitepaper discussing the survey results in more detail. Stay tuned…