1 / 12

Antivirus Technology in State Government

Antivirus Technology in State Government. Kym Patterson State Chief Cyber Security Officer Department of Information Systems. Current World Environment 25,000 new virus samples submitted daily Antivirus vendors leaning toward whitelisting 80% of malware is motivated by money

stephanie-hess
Download Presentation

Antivirus Technology in State Government

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Antivirus Technology in State Government Kym PattersonState Chief Cyber Security OfficerDepartment of Information Systems

  2. Current World Environment 25,000 new virus samples submitted daily Antivirus vendors leaning toward whitelisting 80% of malware is motivated by money Increasingly hard to detect malware

  3. Bot Activity Bots talking to each other in different ways No command and control servers to identify Communication between bots through peer to peer mode via encrypted web channels

  4. Current State Network Environment SCSO tracks 150 ongoing issues each day 50 new issues identified each day More than 5,000 DNS resolutions to foreign servers daily Most popular DNS server is in Eastern Europe Several hundred incident notifications from external organizations each year At any given time, there are 60 state computers acting as primary nodes on a peer to peer network Three of these computers typically generate 500,000 peer to peer sessions daily

  5. Current State Environment Purchase antivirus and endpoint protection software from 10+ vendors at several price points Run 60 versions of these types of software Some organizations don’t update signature files Organizations pose a threat to each other on the state network

  6. Future State Limit number of AV or endpoint protection products in our environment Make wise use of state dollars by combining buying power More bandwidth and computer availability due to low infection rate Improved productivity resulting in better government service delivery Improved response time to cyber outbreaks

  7. Advantages of Less Diverse Environment Total cost of ownership would be less Savings could be spent on other security measures More organizations likely to buy and be protected Less threat on the state network Better reporting and auditing Improved compliance with security mandates Shorter threat period by working with fewer vendors Manageability and scalability Increased network reliability and performance

  8. Endpoint protection can include: Host-based intrusion prevention system Firewall Antivirus Antispyware Central management capability Data Loss Prevention Encryption

  9. Next Steps Gather requirements from agencies and state security working group Work with Office of State Procurement to identify vendors to provide antivirus and endpoint protection products on state contract Agencies would determine migration to these products as existing software licenses expire

  10. Ease of use • Update frequency • Service and support • Update distribution • Audit and report capability • Log • On demand scanning • Port control • Encryption • Scheduled scans • Link scanner • Cross browser • Webmail protection • Ability to run on multiple platforms • Script protection • Malware detection capabilities • Policy management Possible Antivirus and Endpoint Protection Requirements

  11. SAMP L E T I ME L I N E

  12. Questions? Kym PattersonState Chief Cyber Security OfficerDepartment of Information Systems

More Related