3. Breach-to-Response Acceleration

How can agencies effectively address current time lags with detection of and response to vulnerabilities and threats that will significantly compress breach-to-detection-to-response times? Please include ideas on how government agencies can expand capabilities beyond reacting to known threats through programs like Einstein, to identify new threats and zero-day exploits in near real-time.

Endorse existing ideas by voting for them. YOU MUST BE LOGGED ON TO VOTE.

Showing 4 ideas for tag "cybersecurity"
kudos icon +

3. Breach-to-Response Acceleration

Supported ITAPS recommendations

(Regular print are supported ITAPS recommendations in response to questions, flagged are expanded recommendations to more explicitly address questions, not directly addressed by ITAPS; participated in and collaborated with ITAPS OMB-OPM-NSC Task Force)

How can agencies effectively address current time lags with detection of and response to vulnerabilities and threats that will significantly compress breach-to-detection-to-response... more »

Voting

1 vote
Public Input
kudos icon +

3. Breach-to-Response Acceleration

Supported ITAPS recommendations, part 2

Consistent with the concept that security is the responsibility of all employees, all agency employees should be educated and trained on general incident response planning concepts and any related responsibilities, including how to notify response organizations, the information to report, and other relevant activities.

All incidents, exercises, and general activities offer opportunities to learn and improve planning.... more »

Voting

2 votes
Public Input
kudos icon +

3. Breach-to-Response Acceleration

Response Time--Combines Technology, Threat Knowledge, & Skills

Agencies must plan for success. Increasing response time is a combination of technology, threat knowledge, and skill sets of cybersecurity practitioners. Lag time exists because organizations unable to effectively integrate practitioner skills, threat knowledge, and technology. Although agencies are in possession of effective tools (e.g., Einstein and CDM) that collect indicators and signatures of malicious traffic crisscrossing... more »

Voting

2 votes
Public Input
kudos icon +

3. Breach-to-Response Acceleration

Cyber Battlerooms to learn to recognize adversary action

The old adage "it takes 10,000 hours of practice to become an expert" is very true in cyber defense. We can't teach people to prevent zero day exploits but we can provide an inexpensive way to show what happens when an exploit is used. Technology today is finally available to provide ubiquitous Cyber Battlerooms, like Netflix, where you log into the cloud and "play" on a Virtual Clone Network of a government agency,... more »

Voting

1 vote
Public Input