FireEye is a leader in stopping the new generation of cyber attacks, such as advanced malware, that easily bypass traditional signature-based defenses and compromise over 95 percent of enterprise networks*. FireEye has invented a purpose-built, virtual machine-based platform that provides real-time threat protection to organizations across all major threat vectors and each stage of an attack life cycle.
Targeting Advanced Threats: Proven Methods from Detection through Remediation
Tuesday - 7/15/2014, 9:08am EDT
Threat intelligence is, in many ways, another form of big data. The difference is that the value of this information is much clearer than that of most other big data an organization collects.
At the same time, the amount of cybersecurity data coming into agencies and organizations is ever increasing, especially as the tools and sensors get better. The Homeland Security Department's US Computer Emergency Readiness Team, or US CERT, says agencies reported more than 218 thousand incidents in 2013, a 26 percent increase over 2012.
Part of the reason for the increase is that agencies are getting better at reporting incidents…detecting and mitigating them more quickly. But it's also because the number of incidents is growing as nation states, organized crime, hackers and other bad actors target federal networks and systems. And agencies will face a deluge of cyber threat data over the next year as they implement continuous diagnostics and mitigation tools and other continuous monitoring sensors.
Agencies are getting better at detecting incidents. OMB reports that more agencies are using the Einstein software for intrusion detection and prevention. The initial deployment of Einstein 3A would address 85 percent of the known threats aimed at federal networks.
Additionally, OMB reports that across the 21 CFO Act agencies conducting controlled penetration tests, on average the network and security operation centers were 73 percent effective at detecting incidents, with half of the CFO Act agencies reporting a detection rate of 99 percent or better. This overall capability increased from 63 percent in 2012.
So as agencies collect all this data, what are the best ways to use it, make sense of it and, most importantly, improve cybersecurity?
Jason Miller is an executive editor and reporter with Federal News Radio. As executive editor, Jason helps direct the news coverage of the station and works with reporters to ensure a broad range of coverage of federal technology, procurement, finance and human resource news. As a reporter, Jason focuses mainly on technology and procurement issues, including cybersecurity, e-government and acquisition policies and programs.
Robert Bigman recently retired from the Central Intelligence Agency (CIA) after a distinguished thirty-year career. Recognized as a pioneer in the field of classified information protection, Mr. Bigman developed technical measures and procedures to manage the nation's most sensitive secrets. As an information security trailblazer, Mr. Bigman participated in developing security measures for Government computers well before commercial industry found the Internet. He then developed creative solutions to allow the CIA to use the Internet to further its mission without exposure.
Mr. Lance C. Dubsky has a 30-year record of achievement and demonstrated success driving change and enabling mission through innovative information security solutions. He serves as the NGA Chief Information Security Officer and Director, Information Security Management Office. As CISO, he supports the Agency Leadership in the execution of the information security & cyber mission and resources assigned to Springfield, St. Louis, and other NGA sites. His responsibilities include functioning as the Agency's Authorizing Official (formerly DAA) and Cyber Executive. Mr. Dubsky was appointed to his current position in October 2012.
Ben Rubin, Director of Cyber & Information Security Operations, currently leads the Security Operations Center (SOC) and Managed Security Services Practice (MSSP) within one of the largest Defense Contractors and top 5 IT service delivery corporations in the world. The MSSP delivers security and computer network defense services to Department of Defense and Civilian Agency customers, as well as a major commercial customer base within the United States, in an environment that maintains several critical accreditation requirements, such as FedRAMP & DISA P-ATO, PCI and IRS1075, necessary to process sensitive information. The SOC provides monitoring and analysis for internal corporate information security operations, ensuring that the means by which our company operates and delivers on strategic Federal contracts remain agile and up to date with the latest security threat landscape.
Darren A. Van Booven is the CISO for the U.S. House of Representatives and is responsible for implementation of the House's information security program and technical aspects of the business continuity efforts. Prior to the House, Darren spent several years in the CIA as a counterintelligence officer responsible for carrying out nation state intrusion investigations, incident response activities, and countering technical threats against operations. He also worked as a senior staff operations officer responsible for the mission of offensive cyber operations and forensic exploitation against the terrorist target. Darren spent time as a senior manager in the Office of Inspector General where he evaluated the efficiency and effectiveness of technology used in Agency operations.
Darren is a CISSP, CISM, CISA, and licensed CPA.
Tony Cole is FireEye's Vice President and Global Government CTO, where he assists government agencies, corporations, and system integrators in understanding today's advanced threats and their potential impact. He is also the conduit for customers to provide feedback to FireEye on government-related cyber security requirements and feature enhancements for FireEye products.