A New Way for Government to Fight Ransomware
State and local governments face a number of competing priorities ranging from recruiting the next-gen workforce to improved citizen service delivery to accelerating digital transformation. Employing network monitoring and segmentation solutions can help state and local governments fight ransomware with better cyber hygiene.
To capture what’s at the forefront of state agendas this year, the National Association of State Chief Information Officers (NASCIO) released its 10th iteration of the State CIO survey. Unsurprisingly, cybersecurity clinched a spot among the top priorities. It’s safe to say that this might be due to one especially nefarious cyberthreat that remains top of mind for every state and local CIO, CISO and IT/security professional alike: ransomware.
Research shows that in 2019 alone, nearly two-thirds of all publicly known ransomware attacks in the US targeted state and local governments, not even counting the 23 local government entities in Texas that were hit by ransomware this past summer.
Being prepared and practicing good cyber hygiene were highlighted as two best practices against ransomware at the NASCIO conference this year. In line with these best practices, traditional countermeasures against ransomware include data backup and recovery solutions. While these are important for recovery efforts, state and local governments must also adopt more proactive measures in mitigating threats to the network and minimizing potential damage.
Since ransomware primarily exploits network misconfigurations and vulnerabilities, governments must improve visibility into all activity on networks, apps and devices. Without such insights, IT teams can’t detect and remediate threats fast enough to maintain top performance, business and administration continuity, or the protection of citizen data.
At Riverbed, our team of professionals and engineers are committed to helping state and local governments better protect their departments and organizations while enhancing the end-user experience for employees and citizens alike. Here’s how we can help you prepare and practice good cyber hygiene without sacrificing optimal digital performance.
Preparation: know what’s on your networks
Today’s cyber-attackers no longer use the infamous “smash-and-grab” style to break into a system. They use sophisticated tactics that allow them to breach a firewall and even determine who has access to what. That’s why state and local stakeholders should practice proper device labeling and patch management to proactively learn about networks while improving visibility. Additionally, you need the ability to identify even the smallest anomaly, whether it’s irregular device activity or a user attempting to access a file outside of their assigned privileges.
Riverbed End-User Experience Monitoring (EUEM) is a signature solution that allows IT teams to monitor networks at a granular level, so you can proactively monitor networks based on app and device activity through the end-user perspective and rapidly address any irregularities. With EUEM, you gain insights into the actual end-user experience in near real-time on any local, cloud, web or enterprise mobile app regardless of whether it’s running on a physical, virtual or mobile device.
EUEM enables automated patch management, device labeling and app rationalization, so you know what’s in your entire IT ecosystem, can better identify what’s normal for network traffic and pathways, and pinpoint where any anomalies occur.
Good cyber hygiene: segment your networks
State and local agencies tend to spread IT infrastructure across a number of departments and locations, making remote branch office networks a prime target for cyber-attackers. Software-defined Wide Area Networks (SD-WAN) is becoming more popular for state and local governments because it uses software to control networks across large geographical territories, delivering improved app and network performance to branch offices while centralizing control and management for IT.
More importantly, however, SD-WAN can improve network security by encrypting WAN traffic and segmenting the network to minimize damage in the event of data breaches. Network segmentation is a key cyber defense best practice that the FBI encourages.
Riverbed’s SD-WAN solution includes automatic provisioning to maximize simplicity for lean IT teams while improving application performance (over 33 times faster) for all employees regardless of distance or location. When traffic becomes congested, SD-WAN automatically redirects application traffic and users to the appropriate paths.
Ensure good cyber hygiene by implementing comprehensive security features without compromising app performance. Riverbed SD-WAN can backhaul SaaS and cloud applications to a centralized security infrastructure in a data center and allow you to incorporate a full spectrum of capabilities from Deep Packet Inspection (DPI) to advanced content/URL filtering—to harden the expanded attack surface at branch offices.
Riverbed’s SteelConnect EX series, in particular, gives you the ability to automatically deploy network services like VPNs and firewalls, giving IT teams more power to manage complex network landscapes with zero-touch provisioning (a switch feature that allows devices to be configured automatically, without the manual labor of adding them to a network).
It’s safe to say that the threat of ransomware isn’t going away anytime soon. But by focusing more on the network to improve preparation and cyber hygiene, state and local governments can stand a better chance against a rapidly evolving threat landscape—and continue delivering on important mission priorities like improving citizen services and accelerating digital transformation.