Cybercrime's Evolution is Forcing the Public Sector to Adapt

At Black Hat USA 2014, experts weigh in on the direction cybersecurity technology must take to protect systems.

Black Hat 2014
YouTube/Hilton Collins
In the new world of cybercrime, criminals are targeting specific organizations and jurisdictions to steal government information -- and they're doing it to gain specific assets or goals, something that's been accepted by both the public and private sectors, according to one expert. 

Andrey Dulkin of Cyber Ark, says he feels that security software that detects anomalous behavior in the enterprise network could provide a vital defense for public-sector organizations. "Attackers are trying to impersonate legitimate users," he said, "so those technologies that are capable of detecting what is normal on the network and discover what is anomalous will be able to perhaps identify and detect those attacks and provide a trigger for responding to them."

Multiple experts at the 2014 Black Hat conference in Las Vegas joined Dulkin in sharing their thoughts on today's cyberthreats. According to them, the evolving cyberthreat landscape is forcing the public sector to change its security strategy. 

"Cybersecurity technology has to move away from the traditional mechanism which relies on detecting bad things, to protect a system from attack, and it's going to evolve into isolation of all information that comes from unknown sources," said William Gardner, Bromium's senior director of products.

Bob Hansmann, Websense's director of product marketing, has seen a change in customer demands thanks to the evolution. 

"A lot of public-sector customers were mainly looking at Web filtering 10 years ago," he said. "What we're getting a lot more requests for is the control of information. [The] public sector has a lot of data that must be kept confidential, private or otherwise secure, and they're looking for new methods of doing that while still allowing the right people to have access to the stuff they need to do their jobs."

And the evolution of cybersecurity is causing an integration of security technologies that used to be separate.

"The actual technologies are integrating. Email security and Web security used to be separate," Hansmann said. "Today they're becoming one solution because any threat you might see through email or through Web is also going to come through the other as well, so we're seeing an integration level that has just been unprecedented in the past."

He added that this includes technology for encryption as well as technology for blocking malware and unwanted websites. Gardner felt that public-sector network administrators should research cybertrends to stay on top of beneficial technology. 

"I think that public-sector customers just really need to stay aware of the evolution and the changes in the security space, and to ensure that they at least explore all the exciting new technologies that are currently evolving to really help to address the problem," Gardner said.

Hilton Collins is a former staff writer for Government Technology and Emergency Management magazines.