The high-level idea is to collect and analyze security telemetry from tools and sensors in order to come up with “quantitative” prescriptions about how a change in sensors settings or the deployment of a new sensor or module... more »
Current security tools independently address weaknesses; suites of tools offer more complete... more »
Establish SLAs and/or performance metrics for threat detection, incentivizing contractors.
Practice response to cyber threats as part of overall emergency response capacity to build resiliency.
Create Blue Team audits followed by Red Team operations performed by pre-qualified contractors or in-house staff using efficient contract services vehicle managed by GSA. Focus is beyond standard penetration testing and embraces “hunting” tactics largely used by DOD Red Teams to emulate adversaries. Increases resiliency and ability to enhance capability to address early indicators of APTs.
4) How should the government expand beyond its emphasis on perimeter defense and even Defense in Depth, and instead put more relative resources toward combining actionable threat intelligence with robust response and resiliency strategies and architectures that account for the adversary's point of view?
How should the government expand beyond its emphasis on perimeter defense and even defense-in-depth, and instead put more relative resources toward combining actionable... more »
Adopt content-centric security of data using digital rights management techniques to protect data at the source and track exfiltrations of data that depart from pre-set boundaries.