We’re all familiar with the outcomes of cyberattacks – stolen personal information and identities, files and systems held hostage, and so on. But with the growth of the Internet of Things (IoT), the attack surface for potential cyberattacks is growing and the perpetrators are demonstrating increasingly hostile motives.

Today, cybersecurity threats are growing in volume, sophistication, and persistence. That’s according to the findings of Symantec’s 2016 Internet Security Threat Report which draws on threat data from its Global Intelligence Network and monitoring activity in over 157 countries.

It’s been nearly one year since the Office of Personnel Management (OPM) first noticed that it had been the target of the largest ever cybersecurity attacks on the U.S. government. That was April 2015 (it wasn’t until June 2015 that OPM actually disclosed the breach).

OPM aside, 2015 was a challenging year for the U.S. government’s cyber defenses – 67,000 system intrusions were detected and a record $12.5 billion was spent defending itself against attack.

For federal government agencies, network monitoring has evolved into something extremely important, yet unnecessarily complex. For instance, according to Gleanster Research, 62 percent of respondents use on average three separate monitoring tools to keep their networks safe and functioning properly.

DLT partner, SolarWinds recently announced the results of its third annual Federal Cybersecurity Survey, which explores the biggest barriers to improving IT security, including exposure during consolidation and modernization processes, threats from foreign governments and careless or untrained insiders.

Top of the list? IT modernization. In fact, almost half of the government’s IT modernization and consolidation efforts have resulted in an increase in security challenges.

Network Access Control (NAC), ensures proper configuration and security posture on devices trying to access a network.  It’s been around for a while, but acquired a bad reputation in its early days.  I remember looking at some NAC solutions when they first hit the market, years ago, and they were expensive, clumsy, and more likely to keep out good folks than bad actors.  However, that was then, and this is now.  Let’s take a look at NAC today.  First, I’ll review fundamental technologies and concepts.

2015 was an unprecedented cyber security wake-up call to federal government agencies culminating in the catastrophic and long-undetected breach at the OPM, which compromised over 21 million background check records. The barrage of attacks has since been relentless culminating most recently with a Department of Justice breach which leaked contact information for thousands of FBI and Homeland Security personnel.

With the explosion of IoT sensors and devices, the data available to us is getting bigger and bigger. It’s a particular challenge facing federal agencies, especially in light of NARA’s Capstone compliance initiative, as well as an opportunity.

Cyber breaches against government agencies seen almost an inevitability these days, it’s less of a question of “if”, but “when?”

So what should your agency do when a breach occurs? That’s the topic of a new whitepaper – Anticipating the Breach – from DLT partner, Symantec.

Just as millions of federal workers and contractors received confirmation that their data had indeed been breached at OPM earlier this year, another threat is lurking.

The OPM’s new cybersecurity adviser, Clifton Triplett, says he expects ISIS may breach the agency’s systems too, reports NextGov.