The security of sensitive data within the federal government remains a top concern. With the ever-present threat of insider breaches, cyberattacks and the growth of valuable data, federal agencies are facing unprecedented challenges in safeguarding critical information.
Justin Wilkins, director of sales engineering for Varonis, joins CyberScoop for a discussion on the state of data security in the government and the complex landscape of federal information protection.
Traditionally, significant investments have been directed toward preventing unauthorized access from external sources, with less attention given to securing data residing within the network. Even in agencies with robust security programs, phishing simulations reveal that users still fall victim, posing a significant risk given the scale of government agencies.
“What we’ve seen even in larger agencies with very good security programs is that when running these phishing simulations, at least 1% of users click on these links and enter their credentials. This is an issue because if you think about the scale of the problem, 1% of users entering their credentials, some agencies have thousands, or even hundreds of thousands of users, that becomes a giant vector for attack. And what happens is you have a ton of infiltration points. And it is a matter of when, not if,” says Wilkins.
Discussing the inevitability of cyberattacks, Wilkins advocates for reducing the “blast radius” of potential damage by restricting data access to authorized users. He underscores the importance of monitoring user behavior to detect anomalies early in the attack chain and highlights the significance of a data-centric approach.
Wilkins advises agencies to focus on data, understand access rights, automate risk remediation, and implement solutions for activity monitoring and analytics. He emphasizes the proactive management of data risks to reduce uncertainty and improve overall security visibility.
“If I’m monitoring what users are doing, I’m in a good position to reduce the uncertainty, improve my visibility, and ultimately limit the amount of time an attacker has to cause damage. And if that blast radius is reduced, I’ve now effectively limited what an account has access to and what users have access to. And if that account is compromised, there will be far less damage,” adds Wilkins.
Learn more about reducing the potential blast radius of cyber threats.
This video interview was produced by Scoop News Group, for CyberScoop and underwritten by Varonis.