Targeted campaigns by malicious actors have become commonplace. As recent breaches show, these threat actors can stay hidden on agency networks for long periods of time, assessing your systems and looking for information to exfiltrate. We call them the enemy with no face.

Defending against insider threats is a top priority for the U.S. government. When surveyed by MeriTalk, 85% of federal cybersecurity professionals say their agency is more focused on combating insider threats in 2017 than they were just a year ago.

There’s been a lot of buzz about blockchain in 2017. It was only a few months ago in March 2017 that Betanews predicted that blockchain would be the buzzword that would take 2017 by storm. And it did, expanding beyond the financial community where it’s had a home for several years and breaking into other enterprise sectors.

But few foretold that blockchain would have such a hand in government digital transformation in 2017. In fact, the two go hand in hand.

What is Blockchain?

Agencies breathed a sigh of relief at the end of 2016 as they met the Managing Government Records Directive (OMB Memo M-12-18) for managing all email records in an electronic format (a big step in ensuring the accountability and transparency of the federal government).

Identity management, the process of identifying individuals in your system and controlling the access they have to certain resources, is an area of cyber security that state and local government employees have quite a bit of confidence in. Yet data shows there’s room for improvement.

DLT partner, Symantec, has put together a list of seven items you must add to any incident response plan. Here’s how it translates to government agencies.

1. Have a Workable Plan

Getting to know the “enemy with no face” is critical to winning the cyber war. In fact, it’s the tagline from the U.S. Army’s latest cyber warrior recruitment ad. Yet, one of the biggest challenges to doing so is that most organizations have zero visibility into a significant percentage of the endpoints on their network. That’s because they are either not managed (BYOD, guest, and IoT), have disabled or broken agents, or aren’t detected by periodic scans.

When it comes to controlling logins and privileges on Unix/Linux servers, Centrify’s philosophy is aligned with modern NIST recommendations, as opposed to traditional vendors whose solutions are centered around a Password Vault. Centrify believes users should login directly as themselves and elevate privileges granularly as needed and authorized.

Faced with an endless barrage of threats and vulnerabilities, finding the time to develop a proactive risk mitigation strategy is an uphill struggle for government organizations. With so much energy focused  on protecting the perimeter and preventing network penetration, malicious actors (the enemy with no face) already inside your network often goes unnoticed (case in point, the 2015 OPM breach).

The Small Business Administration (SBA) is facing some tough challenges. According to a Report on the Most Serious Management and Performance Challenges Facing the SBA in FY 2018, the agency’s risk management and cyber posture is in need of “significant improvement”.