Cyber Defense: How to Protect Your Most Valued Digital Assets in 2016
Posted by Steve Gottwals, Technical Director of Security Solutions, Adobe Systems Federal
When people imagine government data breaches and threats, most envision the exaggerated Jack Bauer-style scenario: a secret group of 16-year-old genius hackers in a warehouse overseas, planning the next expose of some government scandal; or a terrorist group plotting an attack.
But in reality, in the public sector, the most common cause of data loss and security incidents is from employees on the inside.
According to the 2016 Data Breach Investigations Report, 66 percent of all security incidents in the public sector occurred from miscellaneous errors, insider and privilege misuse, and physical theft and loss. This can include an employee innocently failing to dispose documents correctly, losing a laptop during travels, or even intentionally taking confidential information for personal use and monetary gain.
This is not to say there aren’t millions of malicious foreign attacks as well – cyberattacks are constant and the U.S. holds the seat as the world’s number one target year over year. The State of Utah alone receives 20 million attacks per day, and the Pentagon reports seeing 10 million a day.
Cybersecurity remains one of our nation’s top priorities in protecting the freedom and safety of our people. As security professionals, we need to help guard our data from the simplest in-house misplacements of data, to the external malware threats from the world’s leading hackers.
Let’s start with the four steps government agencies can take in-house to help create a stronger line of defense from unknown cyber threats:
- Know What Data to Protect
We all create or interact with documents that need to be consumed, collaborated on and shared. But which are sensitive, who should have the right to access what documents, and what are the different security levels we can implement?
I like to tell people to start with one small project, and then expand. Depending on your business, that could be PII (Personally Identifiable Information), PHI (Protected Health Information), Intellectual Property or Homeland Security information. Get your first success under your belt, and grow from there. Going too big too quick can often derail organizations.
- It Takes a Multi-Layered Protective Measure
Digital Rights Management (DRM) is a content-based security measure that allows you to grant access only to the people who need it dynamically. Users must go through an authentication process before accessing any file. This works by encrypting files at the document level (i.e. preventing unauthorized access). With DRM, you can audit document interactions in one place, seeing when an employee accesses, prints, closes and modifies the document. You can even prohibit the ability to print or modify documents, or set expiration dates for opening the document. Because the protection is dynamic, you can remotely change access policies on the fly without having to revoke and renew document permissions.
Attribute-Based Access Control (ABAC) helps insulate your network from hackers by placing protections on a group of files in a repository. You do this by tagging your sensitive data with certain security attributes. For example, paragraphs, images, videos, titles and even bullets points can be assigned multiple security attributes – like classification level, International Traffic in Arms Regulations (ITAR) requirements and environmental variables. When a user logs on to view the file, certain portions can be redacted dynamically, which only allows them to see the portions they are authorized to see. Or a single paragraph of sensitive data can be mass-protected across hundreds of different files.
- Analytics: Stay Aware and Continually Monitor Breach Activity
In 93 percent of cases, it takes attackers minutes or less to compromise systems. However, organizations can take weeks or more to discover a breach even occurred.
It is important for your government organization to have a real-time analytics platform in place that helps continuously detect potential breaches inside and outside your firewall.
This takes continuous monitoring of content that your teams create, collect and disseminate. With Adobe solutions, you can visually see where documents are opened, and receive real-time alerts of irregular activity such as high download or print counts. This way, your organization can respond swiftly, and hopefully, before any issues becomes a critical threat to your company’s infrastructure or reputation.
- Educate: Stay Vigilant Together in Times of Shrinking Resources
Prevention is always our first line of defense, and it starts with equipping our people with the right resources and training to protect their agency. As budgets shrink across government, it is more important than ever to remain vigilant and ensure everyone is actively protecting the public’s most sensitive information.
Every public sector employee has a duty to protect their organization’s proprietary information. Instead of mass-emailing a list of rules to employees, it is more effective to teach them face-to-face and share real case studies of how one innocent, wrong action (or inaction) of an employee could lead to millions of wasted tax dollars. Trainings on what a suspicious email looks like, how to back up and protect data properly and ensuring papers are properly shredded are just a few ideas to get you started.
As Adobe’s lead in security solutions for the public sector, I hold regular training sessions for in-house staff once every month. My most popular session has been on protecting documents with digital rights management and digital signatures.
If you want to learn more about cyber defense, click watch the recent Adobe webcast about federal data security. You’ll learn how agencies can implement the Cybersecurity National Action Plan (CNAP) using strategies like data-centric security, digital rights management (DRM), and high value asset identification.
Adobe has been a recognized leader in content creation for more than 30 years. After releasing the PDF standard, Adobe embraced document encryption in 1994, digital signatures in 1999 and DRM in 2005. Since then, Adobe has continued to innovate, providing strong ABAC content management systems and cutting-edge, analytics-based data monitoring capabilities.
Adobe also received Federal Risk and Authorization Management Program (FedRAMP) ATO for Adobe Connect and Experience Manager in August 2015. These certifications represent the latest of our continuous efforts to maximized Adobe security capabilities for digital government. Learn more about Adobe’s Government Solutions.