The 30-day Cybersecurity Sprint
As a result of the recent OPM hack that may have compromised the personal information of as many as 18 million retired and current Federal employees, Tony Scott, United States Chief Information Officer, launched a mandatory 30-day Cybersecurity Sprint that requires Federal agencies to take several steps to help better protect Federal information and assets and increase the resilience of U.S. Federal networks. The mandate requires Federal agencies to:
- Immediately deploy indicators provided by DHS regarding priority threat-actor Techniques, Tactics, and Procedures to scan systems and check logs
- Patch critical vulnerabilities without delay
- Tighten policies and practices for privileged users
- Dramatically accelerate the implementation of multi-factor authentication, especially for privileged users
Federal agencies will have their work cut out for them to meet these requirements, especially given that many are already struggling to keep up with the current workload of day-to-day security and IT operations management. Security Operations and Computer Incident Response teams at most agencies are overworked and are dealing with outdated and incomplete data as they hunt for intruders on their networks and endpoints. However, a new generation of technology that enables dramatically faster, more accurate and complete detection, investigation, remediation and ongoing enforcement of endpoint security completely changes the game, allowing IT organizations to meet these new requirements quickly and cost-effectively.
Tanium’s endpoint security
Tanium is the only platform that enables a closed-loop process for endpoint security — spanning detection, investigation, remediation and ongoing enforcement of IT security across the organization — with unprecedented speed and scale. This is truly transformational, as it breaks down the silos between Security and IT Operations that can stall security and introduce business risk. With Tanium, for the first time, Security and IT Operations teams have shared visibility into security issues and can more effectively collaborate to detect, investigate, remediate and build good security hygiene into ongoing IT operations processes.
Specific to the OPM mandate requirements, Tanium enables agencies to patch millions of endpoints at speeds 10,000 times faster than existing solutions, which often take days, weeks or months to complete, if they complete at all. At one government customer, Tanium was used to successfully deploy nearly 2,000 patches across 150,000 endpoints every 15 seconds — a fraction of the time it previously took with their legacy tools. Tanium’s unique communications architecture does not require any relay or intermediate servers, dramatically reducing the infrastructure management costs of patching as well. This is an exponential improvement in both performance and cost over existing technologies in use at agencies today.
Tanium also gives agencies the ability to automate the process of ingesting large volumes of Indicators of Compromise (IOCs) and scanning all endpoints in seconds to minutes, regardless of the size or complexity of the network. At one large government customer, Tanium scanned over 150,000 endpoints for the presence of IOCs in less than 3 minutes. When IOCs were found, Tanium was also used to automatically respond in seconds. The ability to detect IOCs and automate remediation with unprecedented speed and scale allows agencies to finally stay a step ahead of the intruders.
In a recent interview with Federal News Radio, Tony Scott called the OPM crisis “a critical inflection point for the IT industry” and stated the need for the “capability to quickly detect when something has happened, isolate and contain, and then clean and return to normal operation.” He urged the tech industry to come together and lean forward quickly to identify solutions to these challenges.
Tanium stands ready to lean forward with our Federal government partners, not only to help meet the requirements of the 30-day Cybersecurity Sprint, but also to provide a fundamentally new approach to security and systems management that delivers the speed, flexibility, and scale that Federal agencies need every day to make better decisions, reduce costs and take action quickly in the face of increasing cyber threats.