The Last Layer of Defense for NCASM
As National Cyber Security Awareness Month (NCSAM) comes to a close, we look back at some of the topics covered on TechSource like how NCSAM has changed since its inception in 2003, ways to keep the upcoming election safe as it relates to cyber and best practices within the healthcare industry. One area we haven’t really talked about though is defense in depth – perhaps the most accepted best practices within the federal government. Defense in depth is the idea that agencies should implement several different security measures in order to protect networks.
According to Gary Winkler, CEO of American Cyber, “one aspect that federal agencies are missing right now is the defense against zero-day malware [and] I think that’s the missing component of defense in depth as a best practice […] The more quickly our government and agencies get to their defense in depth approaches, along with zero-day malware prevention, the better off they’ll be.”
Zero-day malware is incredibly dangerous as it exploits a previously unknown vulnerability and uses it to attack software. That’s why it’s important that agencies focus on the origin of the malware, not just what type it is or how it’s delivered. Some types are so harmful that they may be increasingly difficult to remove from IT systems so agencies must be on guard and able to catch zero-day malware before severe damage is done.
Check out this short clip from Gary Winkler, CEO American Cyber, as he continues the discussion around defense in depth and zero-day malware prevention for federal agencies.