Unified Communications Manager Cloud for Government (UCM) – Formerly Hosted Collaboration Solution for Government (HCS-G)

Iron Bow’s UCM (formerly HCS-G), powered by Cisco, is a FedRAMP Authorized cloud-based collaboration service built to help you improve communication capabilities, empower your mobile workforce, meet cloud-first mandates and maintain stringent security standards. Check out this video and see how we can help your agency overcome key IT and business challenges.

See what VDI can do for your agency.

The case for Virtual Desktop Infrastructure (VDI) has never been stronger. Agencies are looking for better approaches to securing and managing end-user devices. Check out this infographic and see what’s driving the interest in VDI solutions—and what concerns are slowing agencies down.

@Iron_Bow
About TechSource

Welcome to Iron Bow's TechSource, a blog about the issues facing the government and industry today and the technologies being adopted to help overcome them.

At RSA, the Human Element was Front and Center

Rob Chee, Technical Director, Cyber Security, Iron Bow Technologies

March 27, 2020  |  Cyber Security


Amid so much talk of automation, artificial intelligence (AI) and machine learning, what emerged from this year’s RSA Conference was actually the importance of the human element.

There was significant discussion around the democratization of cyber security. This is no longer a practice limited to technical professionals trained in computer science. Today it’s important for both technical and non-technical people to implement cyber security measures. As security has become more accessibly integrated into everyday activities—think users of the iPhone’s home button for fingerprint-based multifactor authentication—the simplicity is yielding a “frictionless” (to use an RSA buzzword) experience. It’s become cyber security for all.

For government agencies, this shift toward a common language for identifying and documenting known threats is clear in the growing adoption of federalized frameworks that many agencies and commercial organizations alike are feeding into. In turn, those frameworks are growing stronger and becoming de facto standards for identifying threats, their origins and their tactics, techniques and procedures (TTPs). From there, decision-makers are able to map to technical and/or vendor-provided solutions with the most attack-specific efficacy.

A prime example is the growing employment of MITRE’s ATT&CK framework, through which many organizations are sharing information about TTPs and how different types of attacks are affecting different types of institutions, such as banking or healthcare. The framework helps create a clearer picture of how attackers are using certain techniques against specific types of organizations—and how to defend accordingly.

The framework helps to define an evolving and increasingly popular approach to cyber security: breach-and-attack simulations. These simulations, run based on real-world and theoretical scenarios informed by the MITRE ATT&CK framework, test the efficacy of endpoint solutions as well as network security and internal infrastructure. The growing use of these simulations, including in the government, complements tools like Iron Bow’s comprehensive vulnerability assessments and standards-based methods for characterizing and identifying threats. Security companies are now tying that information together and providing actionable intelligence on threat vectors and attack indicators.

All of this is unfolding amid possibly the most human element of today’s cyber operations: the pervasive lack of skilled practitioners to hunt threats and maintain network visibility. This talent gap is further widened by the rapid development of new cyber security products and features that can overload human capacity. At RSA there was a distinct uptick in vendors and third parties providing managed security, effectively outsourcing cyber threat detection and response in settings such as security operations centers (SOCs), where analysts are in high demand and low supply. This approach provides SOCs with more sophisticated, mature security teams that can leverage network visibility to analyze, manage, monitor and respond to threats, helping better ensure best practices get implemented.

In an era where automation and AI are front and center in most cyber security and IT discussions, as RSA demonstrated, it still comes down to people and the human element. From our personal and collective experiences to the sharing of lessons learned and expansion of defenses, people remain central to effective cyber security.

For more information on how Iron Bow can help boost your cyber security, visit our website.


TechSource in your Inbox

Sign-up here to receive our latest posts by email.

  • This field is for validation purposes and should be left unchanged.