Pressure to reduce costs while elevating the level of services government agencies provide to their citizens is defining how federal, state and local officials implement their technology transformation initiatives. Not only are many agencies learning from private sector initiatives on the adoption of public, private and hybrid cloud computing, a notable percentage are even more aggressive in implementing cloud and virtualization to accomplish mission-critical objectives.
As a result, we are seeing many government agencies explore ways to reduce their spending on infrastructure elements – such as data centers and storage resources – in order to invest in innovative application layer services that foster citizen-self-service capabilities on mobile and web platforms.
While this new approach to managing IT resources can improve operational costs, it also alters their risk profile. As such, governments need to plan accordingly.
According to two recent reports from Palo Alto Networks, the Silicon Valley-based cybersecurity company, governments should take note that attackers can exploit weaknesses and capitalize on major enterprise technology transformation initiatives.
In Connected Governments and Agile Militaries: Meeting the Security Requirements of Today’s Evolving Governments, researchers at the firm note that many governments are moving traditional government functions to a shared, or virtualized, model of hosting applications – whether public or private cloud.
These “Shared Services” can take advantage of greater efficiencies in costs, power, heating and cooling, real estate and other benefits. Agencies engaged in reducing their data center footprints through consolidation projects are also virtualizing existing services to bring down costs and “go green.” These new models introduce different requirements for their cybersecurity solutions. (The full report can be accessed by clicking here.)
Today’s data center applications have more complexity and require a different approach to ensure policies which restrict access to data can follow users and applications as they change across data centers and across virtual machines. These applications:
- Communicate differently and regularly change the way they communicate;
- Are accessed by a distributed workforce with different security risk profiles; and
- Are often not well understood and therefore can lack the protections that they need.
Government agencies and their security staffs are not alone in addressing the complexity in securing their data and data center applications while transforming their networks.
The latest Palo Alto Networks Application Usage and Threat Report, concludes that today’s advanced cyber threats use applications as their infiltration vector, exhibit application-like evasion tactics, and act as, or use common network applications for communications and exfiltration. In short, today’s attacks are hiding in plain sight and use applications such as FTP, RDP, SSL, and netbios to achieve their objectives.
Moreover, the research reveals that a small percentage—10 of the 1,395 data center applications—represent the majority of the 60 million exploit logs. Yet nine of those 10 were business critical applications running in the data center, reinforcing the need for sound cybersecurity for data center applications specifically.
According to the report’s authors, these applications were found on nearly every network analyzed and it’s evident they have now become a favorite vehicle through which attackers can mask their activities. With this premise as the backdrop, the Application Usage and Threat Report (June 2014) from Palo Alto Networks provides a global view into enterprise application usage and the associated cyber threat landscape by summarizing network traffic assessments conducted across more than 5,500 organizations worldwide between March 2013 and March 2014. (The full report is available by clicking here.)