3. Breach-to-Response Acceleration
How can agencies effectively address current time lags in detecting and responding to vulnerabilities and threats, so as to significantly compress breach-to-detection-to-response times? Please include ideas on how government agencies can expand capabilities beyond reacting to known threats through programs like Einstein, to identify new threats and zero-day exploits in near real time.
Monitor data going out for anomalies, including tagging for sensitive data. This would have been a signal to spot exfiltration like in the OPM case.
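One way the idea above could look in practice, as an added example that is not part of the original submission: outbound flows are scored against a per-host baseline, and flows carrying sensitive-tagged data get a tighter volume threshold plus a new-destination check. The host names, destinations, tag labels and thresholds are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

SENSITIVE_TAGS = {"pii", "clearance"}  # assumed labels from a data-classification layer

# Constructed egress records: (source host, destination, bytes out, data tag)
BASELINE = (
    [("hr-db01", "backup.agency.example", b, "pii") for b in (40e6, 42e6, 39e6, 41e6)]
    + [("web01", "cdn.example.net", b, "public") for b in (5e6, 6e6, 5.5e6)]
)
TODAY = [
    ("hr-db01", "backup.agency.example", 41.5e6, "pii"),  # routine backup
    ("hr-db01", "203.0.113.50", 0.9e6, "pii"),            # small, but new destination
    ("web01", "cdn.example.net", 90e6, "public"),         # volume spike
    ("web01", "cdn.example.net", 5.2e6, "public"),        # routine
]

def build_profiles(flows):
    """Per-host baseline: median and MAD of outbound bytes, plus known destinations."""
    sizes, dests = defaultdict(list), defaultdict(set)
    for host, dst, nbytes, _tag in flows:
        sizes[host].append(nbytes)
        dests[host].add(dst)
    profiles = {}
    for host, vals in sizes.items():
        med = median(vals)
        mad = median(abs(v - med) for v in vals) or 1  # avoid a zero-width band
        profiles[host] = (med, mad, dests[host])
    return profiles

def score_flow(flow, profiles, k=6):
    """Return the reasons a flow is anomalous (empty list means normal)."""
    host, dst, nbytes, tag = flow
    if host not in profiles:
        return ["no baseline for host"]
    med, mad, known = profiles[host]
    sensitive = tag in SENSITIVE_TAGS
    reasons = []
    # Sensitive-tagged data gets half the volume tolerance of untagged data.
    if nbytes > med + (k / 2 if sensitive else k) * mad:
        reasons.append("volume above baseline")
    # Sensitive data leaving for a destination never seen in the baseline.
    if sensitive and dst not in known:
        reasons.append("sensitive data to new destination")
    return reasons

def detect(flows, profiles):
    """Return (flow, reasons) for every flow that has at least one reason."""
    return [(f, r) for f in flows if (r := score_flow(f, profiles))]
```

The small transfer to the new destination is caught only because of the tag; on volume alone it sits well inside the host's normal range.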