Smokey the Bear says, "Only you can prevent wildfires." Now, that wildfire is the OPM breach. (http://www.cnn.com/2015/06/24/politics/opm-hacking-senate-briefing/) Yesterday it was the IRS. The day before that, it was Snowden.

Tomorrow, it'll spark up somewhere else.

Federal cyber pros are sounding the alarm. They are spending too much time fighting cyber fires. The old approaches and point products aren't working -- agencies need real change and a holistic approach to fight today's threats, as well as new challenges smoldering for tomorrow.

Fanning the Flames

According to recent research, "93 percent (http://meritalk.com/decoded/?mkt_tok=3RkMMJWWfF9wsRoiuK7OZKXonjHpfsX57%2BkqUaW 3lMI%2F0ER3fOvrPUfGjI4HTMNjI%2BSLDwEYGJlv6SgFSrLNM apoz7gLXxQ%3D) of Federal executives indicate cyber defenses need significant improvement," but only 56 percent (http://meritalk.com/decoded/?mkt_tok=3RkMMJWWfF9wsRoiuK7OZKXonjHpfsX57%2BkqUaW 3lMI%2F0ER3fOvrPUfGjI4HTMNjI%2BSLDwEYGJlv6SgFSrLNM apoz7gLXxQ%3D) are assessing their networks daily to analyze and address security risks.

Einstein doesn't look so smart right now -- understand the intrusion detection system held the door open at OPM (http://fcw.com/articles/2015/06/05/opm-einstein.aspx?mkt_tok=3RkMMJWWfF9wsRoiuK7OZKXonjHp fsX57%2BkqUaW3lMI%2F0ER3fOvrPUfGjI4HTMNjI%2BSLDwEY GJlv6SgFSrLNMapoz7gLXxQ%3D). CDM wasn't enough. Fire likes oxygen -- how do agencies choke the flames?

Dousing the Fire

An ounce of prevention is worth a pound of cure -- and some cyber pros agree that an effective cyber posture is a combination of people, processes and tools.

Many are turning to the NIST Framework for Improving Critical Infrastructure Cybersecurity as a comprehensive strategy to prevent the fire drills. The framework was developed in a year-long, collaborative process between industry, academia and government stakeholders. It's designed to work in any enterprise -- public or private.

Want to learn more about the NIST Framework? Check out the abridged version (http://software.dell.com/nistframework/?mkt_tok=3RkMMJWWfF9wsRoiuK7OZKXonjHpfsX57%2BkqUaW 3lMI%2F0ER3fOvrPUfGjI4HTMNjI%2BSLDwEYGJlv6SgFSrLNM apoz7gLXxQ%3D). This Framework assessment tool helps agencies determine your cyber security capabilities and set goals for your future defense. NIST suggests organizations use the Framework to:


Conduct a basic review of cyber security practices

Establish or improve a cyber security program

Communicate cyber security requirements to stakeholders

Identify new or revised references for solutions

Stop, Drop, and Roll

Don't forget to test your smoke alarms. And if they go off, don't ignore them. This said, alarms and point products won't keep you safe, and won't keep you off the front page of the Washington Post. Check out the Framework to jump start your comprehensive, integrated cyber defense. Smokey's smiling. -- This feed and its contents are the property of The Huffington Post, and use is subject to our terms. (http://start.westnet.ca/newstempch.php?article=terms.html/) It may be used for personal consumption, but may not be distributed on a website.
http://feeds.huffingtonpost.com/c/35496/f/677045/s/479116ef/sc/31/mf.gif


More... (http://feeds.huffingtonpost.com/c/35496/f/677045/s/479116ef/sc/31/l/0L0Shuffingtonpost0N0Cstephen0Ew0Et0Eo0Cburnin0Edo wn0Ethe0Ehouse0Ib0I76558960Bhtml/story01.htm)