Data breach statistics are staggering. Through the end of March 2017, there have already been over 300 major breaches and over nine million records stolen. It’s a challenging problem and one that doesn’t come with a lot of solutions. Part of the problem is understanding what the patterns are. Today’s attacks have several stages from initial reconnaissance to object completion, as depicted in the Cyber Kill Chain which describes the phases of a targeted attack.

What does privilege have to do with your agency’s security controls? The fact is that most data breaches start with privilege abuse. Think Edward Snowden. In the wake of his leaks, the NSA pledged to reduce system administrator privileges by 90%. Then there are outsiders. Most recent federal data breaches originate from attackers who exploited the login accounts of employees or contractors to gain access to sensitive data.

In our recent webinar, three industry experts dissected the recently revised primary standard for security controls for federal information systems, NIST 800-53 revision 4. As more agencies in the public sector and their partners move to the cloud, security remains a top concern. Thought leaders from DLT, AWS and Evident.io exchanged perspectives on what NIST 800-53 compliance means for government agencies and private organizations alike.

Two years on from the massive Office of Personnel Management (OPM) data breach, current and former officials have concluded that the greatest fallout from the hack was not the loss of documents and personal identifiable information, but to the government’s reputation, reports NextGov.

On the heels of their big announcement, McAfee hosted the recent “Security Through Innovation” conference sponsored by DLT, where government and industry executives touted key ideas, changes of mindset that we need to start to win the cybersecurity war.  Covering everything from Cloud to private/public partnerships, to CDM and infrastructure, here are the top 3 key takeaways from DLT's Chief Cyber Technologist Don Maclean.

While much of the focus on cybersecurity risks has been focused on prevention and detection, many organizations are quickly discovering that threat hunting is the next step in the evolution of their security operations center (SOC).

Metadata. It’s not a word that springs to mind when you think about detecting and stopping attacks on your networks and endpoints. If you’re investigating an attack you probably pull logs files and Netflow data to try and make sense of what’s going on. Nothing wrong with that. But as with all things cybersecurity, there’s always more you can do. And that’s where metadata comes in.

As incidents of government data breaches increase and threat landscapes grow, savvy federal, state and local government agencies should take a look at how data loss prevention technologies can help them discover, monitor, and protect sensitive data across clouds, mobile devices, and on-premise.

What is Data Loss Prevention?

Fighting hackers is hard enough, but a huge shortage of cyber workers could leave the government exposed. According to numbers from the Bureau of Labor Statistics, there were more than 209,000 unfilled cybersecurity jobs in the U.S. in 2016, although the number could be as high as 350,000.

Cyberattacks on the application layer are becoming more commonplace than attacks on servers, according to a survey of IT professionals by DLT partner, Veracode. The problem is that traditional security methods are largely ineffective against these application layer attacks. But despite this increase, it’s important to maintain perspective.