We all know that sifting through data is an overwhelming challenge for federal agencies. Various data types, stored across a range of disparate siloes, and a lack of resources to analyze the sheer amount of data, has long held up data analytics in government.

Last year, we reviewed threat reports from numerous companies and organizations.  At the time, a couple of simple themes emerged: too many systems were unpatched, and phishing was a predominant means of intrusion.  These themes are still present a year later, but some new trends have arisen to keep them company.

Last year, over 420 million malware variants were discovered, over half a billion personal information records were lost to breaches and one zero-day vulnerability was discovered each week.

It’s time to fight back!

Could user and entity behavior analytics (UEBA) be the missing piece of the puzzle that security teams have been waiting for in their bid to outmaneuver threat actors?

Incident response (IR) teams are overwhelmed. Larger attack surfaces, state-sponsored cyber terrorism, and the industrialization of cyber crime all create fires and headaches for IR teams.

Many organizations are quickly discovering that cyber threat hunting is the next step in the evolution of the modern Security Operations Center (SOC).

But what is “hunting"?

Sqrrl, a leader in big data analytics and cybersecurity, defines hunting as “the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions.”

I’m fed up. Better yet, I’m “F.U.D.-ed” up.  In every cybersecurity conference, in every threat report, in every blog and every bit of cybersecurity marketing literature I see one tiresome theme:  “The bad guys are after us!  It’s getting worse every day!  How will we fix it?  Can we fix it?  There’s no magic bullet! The cyber sky is falling, run for your cyber life!”  In other words, an unrelenting stream of– Fear, Uncertainty, and Doubt.

Data leaks, data breaches, blah, blah, blah. Sometimes the attention-grabbing headlines just sound like too much noise.

What’s lacking in most of today’s reporting is the real truth about how government agencies are hacked and what agencies are doing to counter those attacks. Those are the details that can help agencies improve their defenses to face future challenges.

According to a report by MeriTalk, the agency is demonstrating the same cyber-attack vulnerabilities as OPM did prior to its attack in 2014-2015 and it is getting the attention of Congress.

The one-year anniversary of the OPM data breach has come and gone, yet the sensitive data of four million federal employees still remains unencrypted, reports FCW.