Booz Allen Hamilton: Cyber Threat Hunting at Scale Across .Gov
October 20, 2021
U.S. government agencies can never be sure how many undetected cybersecurity compromises are in their networks, and what harms are in the offing. Stealthy cyber threats bombard Federal Civilian Executive Branch (FCEB) agencies around the clock. Attackers rapidly innovate, outpacing advances in defenses. Moreover, finding malicious actors is hard. The scale of the problem is daunting. To push back on this uncertainty, organizations hunt threats in their own networks, but implementing threat hunting on a federal scale is a unique challenge. The Cybersecurity and Infrastructure Security Agency (CISA) will need a creative solution from industry to achieve mission-critical objectives.
Our report, Cyber Threat Hunting at Scale Across .Gov, explains what leaders need to know to get started:
Booz Allen recommends building on the foundation of the Continuous Diagnostics and Mitigation (CDM) approach and leveraging past investments in current capabilities. FCEB agencies should centralize, retain, and hunt through their own data at the agency level, leveraging analytics and processes provided by CISA. We call this solution "distributed threat hunt."
Distributed FCEB agency teams would independently stalk cyber threats in their own environments with smart automation, shared analytics, and near-simultaneous operations.
We explain how this approach would empower FCEB agencies and how key functions should be distributed. Our report also includes three steps leaders can take now to begin deploying distributed threat hunt at scale.
By smartly increasing the scale of cyber threat hunting across federal networks, CISA and FCEB agencies can turn the tables on sophisticated, determined adversaries set on harming U.S. national security. Now is the time to detect, identify, and mitigate cyber threats across the .gov domain by harnessing the power of distributed capabilities.
Disclaimer
Booz Allen Hamilton Holding Corporation published this content on 21 October 2021 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 13 November 2021 05:39:00 UTC.
Booz Allen Hamilton Holding Corporation is a holding company. The Company provides management and technology consulting, analytics, engineering, digital solutions, mission operations, and cyber services to United States (US) and international governments, major corporations, and not-for-profit organizations. Its analytics service offering focuses on providing solutions in the areas of artificial intelligence (AI), such as machine learning (ML), deep learning, data science, such as data engineering and predictive modeling, automation and decision analytics, and emerging areas, such as quantum computing. Its consulting service offering focuses on the talent and expertise needed to solve client problems and develop mission-oriented solutions for specific domains, business strategies, human capital, and operations through new approaches. Its engineering solutions deliver engineering services and solutions to define, develop, implement, sustain, and modernize complex physical systems.