Protect government agency data from cyber attacks and insider threats
U.S. Government agencies are constantly targeted by cyberattacks from criminal organizations and nation-states. Attacks are more frequent, better targeted and – with more agencies online – more is at stake. The 2015 Office of Personnel Management breach -- the largest data breach in government history – is just one example.
The international consequences of U.S. Government data falling into the wrong hands cannot be overstated. Cyber security attacks are increasing with the number of reported incidents growing by 85% from 2014-2015, according to Verisign’s DDoS Trends report.1 With attacks being launched every day, they are stopping government agencies from operating and shutting down online work.
The pressure on every agency is high: implement and update security measures and comply with increasing NIST regulations.
Imperva cyber security solutions help government agencies establish a repeatable data risk management process and provide a fast and cost effective route to overall security and regulatory compliance both in the cloud and on premises.
Key Initiatives and Solutions
Continuous Diagnostics and Mitigation Initiative
Continuous Diagnostics and Mitigation (CDM) is a $6B funded, Department of Homeland Security (DHS) program designed to provide a new approach to protecting the cyber infrastructure of the .gov network environment.
Imperva is one of 17 vendors selected for the CDM initiative. This means Imperva cyber security solutions are available to any civilian Federal Government agency under this program, and that any tools and integration purchased for the CDM Initiative will be paid for by the Department of Homeland Security.
In order to participate in the program, the General Services Administration (GSA) and DHS have used the GSA IT Schedule 70 as a contract vehicle. The Continuous Monitoring as a Service (CMaaS) contract provides CDM tools and integration services to all federal agencies under a blanket purchase agreement.
For more information on the CDM initiative and Imperva participation, please contact firstname.lastname@example.org.
Tighten Up Your application Security
In 2013, the federal government released the Digital Government Strategy, mandating that agencies move online and make information more accessible to the American public.2 While making government agencies friendlier to citizens, it presents a massive attack surface to cyber criminals. Outsiders target federal agencies to get access to employee information, citizen personally identifiable information (PII), or other sensitive data and then exploit this data for political or financial gain. Today’s cyber criminals are well-funded, well-motivated and sophisticated enough that they can easily bypass Federal perimeter defenses and directly target vulnerable web applications.
Imperva SecureSphere WAF stops application-level attacks, protecting applications and the back-end data behind them.
Secure Sensitive Data
Data is every government agency’s most precious asset. It includes everything from CIA intelligence reports and IRS taxpayer information to US Energy’s power grid information and Federal employee data. This data could be used by cyber hackers for malicious intents, potentially causing large-scale international issues if it falls into the wrong hands. Government agency officials have acknowledged that current tools and security initiatives may block as much as 80% of cyberattacks. But that means 20% of the attacks still get through. Identifying breaches quickly is key to blocking these attacks.3 To meet your agency’s needs, Imperva cutting edge Data Security Solutions are available in the cloud and on-premises, enabling you to discover and classify data, and monitor who accesses it in real time.
Mitigate Your Insider Threat Risk
Insider threats are not just malicious users looking to exploit an agency. They also consist of employees who have legitimate access to this data and exist inside your perimeter security. They may be compromised by external attackers or simply careless users who unintentionally expose sensitive data. Insider abuse is cited as a main cause of approximately 20% of all reported security incidents.4
Rapidly detecting and containing the threat from within requires you to:
- Know who accesses what data
- Determine if that access is OK
- Respond quickly if it is not
Imperva Counterbreach leverages an expert understanding of users and how they use data to flag suspicious access and operations performed on databases, file servers and SaaS applications.
1 Verisign Distributed Denial of Service Trends Report, Volume 2, Issue 4, 4th Quarter 2015.
2 Whitehouse.gov, “Digital Government: Building a 21st Century Platform to better serve the American People.”
3 The Wall Street Journal, “Protecting Precious Data Paramount, Says Former CIA Chief.” June 15, 2015.
4 2016 Verizon DBIR Report