Federal agencies could be putting their networks at risk by focusing too many of their resources on specific types of cyber threats, Greg Kushto of Force 3 says.
Kushto, director of Force 3’s security practice, wrote in a guest post for Nextgov published Tuesday that agencies should build an IT infrastructure that is secure from the majority of threats.
To ensure this, he says that federal IT organizations should conduct an internal security audit, continuously update and maintain their network, block everything that should not be on the network and bolster protection against known threats.
Kushto adds that agencies can implement both a vulnerability management system and an endpoint management system to determine network assets, connected devices and running applications, as well as a network access control system to monitor and control network traffic.
He also says that IT organizations should also download and apply updates or patches in a timely manner; install firewalls and intrusion detection and prevention systems; implement block lists and reputation scoring; and ensure that they have the basic threats covered.