How the DoD Can Address its Cybersecurity Mandates
Security has become one of the biggest IT challenges in the last 20 years. Regulations, threats, and the many different ways in which adversaries can gain access to sensitive network infrastructures, particularly within the Department of Defense (DoD), have spurred cyber priorities and strategic goals. These include defending the DoD information network, securing DoD data, and mitigating risks to DoD missions (Strategic Goal II) while being prepared to defend the U.S. homeland and vital interests from cyberattacks (Strategic Goal III), and reducing the cost of DoD IT through operational efficiencies and contract consolidation.
It’s a lot to tackle. But understanding the anatomy of a data breach – how it occurs, where the threat originates, how the attack is perpetrated, and adopting a multi-faceted defense approach is critical to preventing a repeat of some of the high-profile government data breaches of recent years.
Almost all data breaches begin with a phishing scam.
According to the Verizon 2016 Data Breach Investigations Report, more than two-thirds of incidents that comprise the cyber-espionage pattern have featured phishing, whereby malicious actors go after specific individuals with the intent of gaining access to work accounts and a foot in the door for a full-on database attack and data exfiltration.
Preventing such attacks can’t be achieved with a simple firewall alone. Security teams must look at all potential layers for attack – the network, storage, applications, and so on. Furthermore, no single control addresses the wide range of attack vectors such as stolen credentials, insider threats, SQL injections, data leakage, app user snooping, and so on.
It’s a complex and confusing process that we aim to navigate in this on-demand webinar. Featuring Scott Gryzkowski from Oracle’s public sector security solutions team, you’ll get answers to the following questions:
• We trust our user base, so why do we need additional security, such as encryption of data at rest?
• Why is there so much complexity in modern IT, which leads to new potential security threats?
• What standards are the most important in Oracle's view to adhere to?
Register here and watch at your convenience.