In case there was any doubt about whether the Federal Government was moving toward Zero Trust, the recent Executive Order on Improving the Nation’s Cybersecurity and DoD Zero Trust Reference Architecture have provided guidance for when and how Federal Civilian and Defense agencies must implement it. For Chief Information Security Officers (CISOs) already managing complex digital transformation initiatives, how to implement Zero Trust without overhauling all existing infrastructure is top of mind. Is it even possible to enable the baseline of a Zero Trust architecture without replacing decades of existing infrastructure? UberEther has proven that the resounding answer is yes.
“Much of this data is buried within the Security Information and Event Management systems but not made available for use across the enterprise. At the same time, most Security Operations Centers (SOCs) have no visibility into the business context of the users they are investigating, and so end up performing a shotgun approach to security that leads to chasing people who are working within the scope of their mission, and sometimes bypassing malicious actors in the process,” said Topper.
Layering Operational Intelligence with Identity Management to Provide the Baseline for Trust
Identity management is the first line of defense in securing government data and systems. Security operations teams look at what is happening minute by minute to hunt down anything that looks suspicious.
“They’re hunting, but they don’t know if they’re hunting a squirrel, a deer, or a polar bear. This happens because most security information and event management systems do not layer in the business context to consider why a user (or app) is accessing specific data. I call it business blind,” said Topper.
By layering the business context over the log data, UberEther helps analysts and CISOs access the intelligence to know what they’re hunting … and how to hunt it. Topper says it’s like SEIM on steroids.
For more such updates follow us on Google News ITsecuritywire News.