We Can’t Control Devices and People, but We Can Control the Network

Wednesday, April 26, 2017

Dennis Reilly

A5f2aa8b34c3021fca4738cd12cbd323

For decades, consultants and federal systems integrators have served as a bridge between Silicon Valley and the U.S. Federal Government, offering a variety of products with a “mission-first” approach that directly addresses public sector needs. To learn more, I recently met with BAI Senior Director of Operations Ryan Morris to ask about current trends he is seeing, including what challenges federal agencies may face.

 

What challenges are you seeing in the federal sector?

 

What I’m not seeing is a budget issue. From a cybersecurity perspective, the federal space is fairly well-funded. The challenge, instead, is that many organizations have several disparate teams, each of whom has purchased myriad different products. It’s my job to help bring them all together. I look to take several years’ worth of investments and advise on how to make them work holistically, rather than as stovepipes so that these organizations can get the most out of what they already have.

 

What do you see happening in the future?

 

This industry tends to vacillate, expanding out and contracting back in. I’ve seen organizations who have previously veered away from basic foundational security. Now, they are looking to get back to basics (e.g., network segmentation, security policies).

 

We’re also starting to understand the way networks naturally evolve and, consequently, what is out of our control. For instance, we know we won’t have control over all network devices—it’s impossible to have an agent on every single one. We also know we can’t control people—they don’t always understand or care about security and will try to go around any limitations placed upon them.

 

By understanding where we can’t be successful, we can steer toward where we can be successful. We know we can’t control devices or users, but we have control of the network. And that’s a big deal. The network is an optimal place to layer in security.

 

What about encryption?


With 60 percent of gateway traffic now encrypted, there’s no question it’s an issue, but not everyone is sure of the best approach to solving the problem; they’re looking for guidance. Some innovators want to be the first to tackle it, but many more want to be last, preferring to see if others fail before they jump in.


Do you see increasing migration to the cloud? If so, what types of data are they moving?


We are finally seeing more FedRAMP-approved cloud services that federal government can take advantage of—and it’s happening quickly.

Right now, Office 365-type services (e.g., email, SharePoint) are the most common applications migrated because they tend to be relatively easy to move and offer a great return on investment. However, from a security perspective, I find it interesting that organizations seem comfortable moving these first. Perhaps they are overlooking the fact that emails and attachments can potentially house all the crown jewels of an enterprise.

About the author: Dennis Reilly serves as the Vice President of Federal at Gigamon. In his current role, he successfully manages growth and the integrated business plan for the U.S. Federal Government market. With over 25 years of technology and business experience, Mr. Reilly is a strong advocate for the Federal government, applying information technology to increase collaboration, innovation and productivity.

Possibly Related Articles:
26760
Cloud Security Network Access Control Network->General Enterprise Security Security Awareness
Encryption cybersecurity cloud services
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.