Government agencies hold a vast amount of sensitive information, ranging from personnel records, budgetary data, inter-community communications to intelligence findings related to terrorists and hostile nations. In turn, governments all over the world are continually under threat of cyber-attacks launched by rival nation-states, terrorist groups, hacktivists, and cyber criminals. In addition, they are facing insider threats as showcased by Edward Snowden.
A compromise of government data could jeopardize the national security and undermine public safety. In turn, government agencies, be it on the Federal, State, or Local level, are mandated to comply with a variety of industry standards (e.g., NIST SP 800 Series) and government regulations (e.g., CIS, CJIS, DHS CDM, FERPA, FICAM, FISMA, HIPAA, HITECH, HSPD-12, MARS-E, OMB, PCI-DSS, Publication 1075).
Unfortunately, the onslaught of compliance mandates seems to overwhelm many government agencies rather than improving their state of cyber security. According to the 2019 Verizon Data Breach Investigations Report, the government sector has experienced more data breaches than all other industries. Considering the sensitivity of data that is being exfiltrated via cyber-espionage or by state-affiliated actors, these breaches pose a serious threat to economic and national security.
Join Parham Eftekhari, Chairman of the Board of the Institute for Critical Infrastructure Technology, and Dr. Torsten George, cybersecurity evangelist at Centrify as they:
- Assess perceptions versus reality in government security practices;
- Provide an overview of the main industry standards and government regulations that drive compliance efforts in federal, state, and local agencies;
- Outline the benefits of applying an Identity-Centric PAM approach based on Zero Trust principles to ensure that access to their compute (on-premises or in the cloud), network, DevOps, and data resources is appropriate, sanctioned, compliant, as well as secure; and
- Discuss the future of compliance requirements for the government sector, drawing upon Mr. Eftekhari engagement in a variety of legislative measures.
CyberSecurity Evangelist, Centrify
Board Chair, Institute for Critical Infrastructure Technology
SVP & Executive Director, The Cybersecurity Collaborative