The document discusses strategies for mitigating risks in aging federal IT systems, highlighting the results of a survey conducted among mid- to senior-level IT managers in the U.S. federal government. Key findings indicate that malware, state-sponsored attacks, and application vulnerabilities are significant concerns, with aging infrastructure leading to costly data breaches. Recommendations for improvement include managing privileged credentials, enhancing vulnerability management practices, and isolating legacy systems to reduce attack surfaces.

1. Mitigating Risk in
Aging Federal IT
Shunta Sanders
Sr. Systems Engineer
Federal Division

2. Today’s Topics
• Federal Cyber
Security Threat
Survey
• Key Strategies for
Securing Aging
Information
Systems

3. Methodology
• Online survey fielded in
January/February 2017
• 105 responses
• 27 questions
• Limited to:
• U.S. Federal Government
• Mid- to Senior-level IT
Management
• Some Involvement with PAM

4. What Worries Federal IT Managers
MalwareNation State
Attacks
Application
Vulnerabilities
44%44%45%

5. What They are Doing to Combat Risks
63%
91%
88%
Privileged
access
management
Vulnerability
patching
Most important in securing information
environment
Nearly two-thirds report less
than fully mature vulnerability
remediation programs

6. Aging Infrastructure Leads to Costly Breaches
Experienced a
data breach in
the last 6 months
42%
1 in 8 experienced a
breach in the past 30 days
Federal IT systems
experience a breach
every 347 days
Biggest impacts from insider
privilege abuse are lost…
Productivity MoneyReputation
Cost of data breaches across
all Federal IT systems is
$637 Million annually
Breaches Happen
Breaches Hurt

7. Aging Infrastructure Breeds Risk
Biggest impact of aging
IT infrastructure?
Efficiency ComplianceCyber Risk
81%
Say aging IT
infrastructure
impacts risk
61%
Say aging IT
infrastructure
is a roadblock
to compliance

8. Change is difficult, takes time, and cost money
Government employees
have to contend with:
• Mainframes
• Legacy apps
• Aging OS's
• Aging infrastructure
• Limited budget
• Limited staff
• Status quo in thinking

9. How Can Agencies Address These
Threats?

10. Manage privileged credentials with
greater discipline, eliminate
administrator rights and enforce
least privilege

11. Old or new infrastructure, shared
passwords and SSH keys continue to
persist across host systems, databases,
network devices and applications.

12. Automated Password
Management

13. Local accounts can create significant risk
with everything from weak password
management to account deprovisioning
backdoors.

14. Understand and Limit
Privilege Access

15. Many traditional security tools are
architected for on premise environments.
When extended to the cloud or across
hybrid environments, they leave gaps that
allow for excessive privileged access and
permissions

16. PAM & VMS
Securing Cloud Assets

17. Unauthorized installation of software
applications can insert risk into your
environment.

18. Endpoint
Least Privilege

19. Given it’s easy access and liberal
governance, systems administrators often
use the sudo command for everyday
commands and tasks- bypassing
organizational policy, network security
and compliance requirements.

20. Replace Open Source
Tools

21. Isolate legacy systems to reduce
attack surfaces

22. Often the weak link in the security chain
is remote access by third-party vendors
and contractors

23. Controlled network
separation and
activity monitoring.

24. Laptops travel around the world
…clouds stop and start as
needed.

25. Cycling Passwords on
Remote Systems

26. Improve the maturity of vulnerability
management through automated
patching

27. With today’s complex
infrastructures how do you know
what’s plugged into your
network- and what risks they
pose?

28. Discovery and Assessment

29. Unite threat intelligence from
multiple sources to better
prioritize risks across the
environment

30. Few vulnerability management
tools extend beyond a data
dump of found vulnerabilities.

31. Prioritize Remediation Based
on Active Applications

32. Traditional security analytics
solutions struggle to correlate
diverse data to discern hidden
risks amidst the noise

33. Use Threat Analytics for
Better Decision Making

34. 4 Best Practices to Address Threats
Improve the maturity of vulnerability management through
automated patching
Manage privileged credentials with greater discipline, eliminate
administrator rights and enforce least privilege
Isolate Systems to reduce attack surfaces
Unite threat intelligence from multiple sources to better prioritize
risks across the environment and pinpoint anomalies to identify
patterns indicating malicious activity

35. Mr. Shunta Sharod Sanders
Sr. Sales Engineer
BeyondTrust - Federal Division
ssanders@beyondtrust.com
301-325-0232