Mitigating Risk in

Aging Federal IT

Shunta Sanders

Sr. Systems Engineer

Federal Division

Today’s Topics

• Federal Cyber

Security Threat

Survey

• Key Strategies for

Securing Aging

Information

Systems

Methodology

• Online survey fielded in

January/February 2017

• 105 responses

• 27 questions

• Limited to:

• U.S. Federal Government

• Mid- to Senior-level IT

Management

• Some Involvement with PAM

What Worries Federal IT Managers

MalwareNation State

AttacksApplication

Vulnerabilities

44%44%45%

What They are Doing to Combat Risks

63%

91%

88%

Privileged

access

management

Vulnerability

patching

Most important in securing information

environment

Nearly two-thirds report less

than fully mature vulnerability

remediation programs

Aging Infrastructure Leads to Costly Breaches

Experienced a

data breach in

the last 6 months

42%

1 in 8 experienced a

breach in the past 30 days

Federal IT systems

experience a breach

every 347 days

Biggest impacts from insider

privilege abuse are lost…

Productivity MoneyReputation

Cost of data breaches across

all Federal IT systems is

$637 Million annually

Breaches Happen

Breaches Hurt

Aging Infrastructure Breeds Risk

Biggest impact of aging

IT infrastructure?

Efficiency ComplianceCyber Risk

81%Say aging IT

infrastructure

impacts risk

61%Say aging IT

infrastructure

is a roadblock

to compliance

Change is difficult, takes time, and cost money

Government employees

have to contend with:

• Mainframes

• Legacy apps

• Aging OS's

• Aging infrastructure

• Limited budget

• Limited staff

• Status quo in thinking

How Can Agencies Address These

Threats?

Manage privileged credentials with

greater discipline, eliminate

administrator rights and enforce

least privilege

Old or new infrastructure, shared

passwords and SSH keys continue to

persist across host systems, databases,

network devices and applications.

Automated Password

Management

Local accounts can create significant risk

with everything from weak password

management to account deprovisioning

backdoors.

Understand and Limit

Privilege Access

Many traditional security tools are

architected for on premise environments.

When extended to the cloud or across

hybrid environments, they leave gaps that

allow for excessive privileged access and

permissions

PAM & VMSSecuring Cloud Assets

Unauthorized installation of software

applications can insert risk into your

environment.

Endpoint

Least Privilege

Given it’s easy access and liberal

governance, systems administrators often

use the sudo command for everyday

commands and tasks- bypassing

organizational policy, network security

and compliance requirements.

Replace Open Source Tools

Isolate legacy systems to reduce

attack surfaces

Often the weak link in the security chain

is remote access by third-party vendors

and contractors

Controlled network

separation and

activity monitoring.

Laptops travel around the world

…clouds stop and start as

needed.

Cycling Passwords on Remote Systems

Improve the maturity of vulnerability

management through automated

patching

With today’s complex

infrastructures how do you know

what’s plugged into your

network- and what risks they

pose?

Discovery and Assessment

Unite threat intelligence from

multiple sources to better

prioritize risks across the

environment

Few vulnerability management

tools extend beyond a data

dump of found vulnerabilities.

Prioritize Remediation Based on Active Applications

Traditional security analytics

solutions struggle to correlate

diverse data to discern hidden

risks amidst the noise

Use Threat Analytics forBetter Decision Making

4 Best Practices to Address Threats

Improve the maturity of vulnerability management through automated patching

Manage privileged credentials with greater discipline, eliminate administrator rights and enforce least privilege

Isolate Systems to reduce attack surfaces

Unite threat intelligence from multiple sources to better prioritize risks across the environment and pinpoint anomalies to identify

patterns indicating malicious activity

Mr. Shunta Sharod Sanders

Sr. Sales Engineer

BeyondTrust - Federal Division

ssanders@beyondtrust.com

301-325-0232