Trending at CACI

The Kaspersky Incident

C4ISR, Cyber, & Space

How Smart Sensors Can Prevent Future Cybersecurity Disasters

New York Times journalists Nicole Perlwath and Scott Shane expose the threats posed by modern commercial software in an article that reads like a modern-day John Grisham novel. Their story details how Russia appears to have penetrated U.S. agencies via a backdoor in the popular Kaspersky Lab anti-virus software, sold by the Russian-owned company. On September 13, all federal agencies were ordered to remove Kaspersky software from their networks due to the threat the software posed.

While many are asking how this could have happened, the reality is that understanding how, where, and by whom commercial-off-the-shelf (COTS) software is developed is no simple task. That is why discovering and reporting on software installation and usage via a DHS-approved Continuous Diagnostics and Mitigation (CDM) dashboard solution is critical for federal government agencies.

Federal supply chain security policies require that products and code include security measures as they are built or developed. Supply chain security is an important tool for Chief Information Security Officers (CISOs) and when combined with enterprise architecture (EA) best practices can greatly reduce risk. EA and information security have a very symbiotic relationship. EA acts as the gatekeeper to the software castle, by only allowing trusted software into the enterprise. EA also performs alternatives analysis when new software is requested and helps determine if the shiny new software has true value or is simply a nice to have, while another trusted and tested product performs 90 percent of what the end- user needs.

In addition, EA keeps metrics on each piece of software: where it’s installed, how it’s used, when it’s used, and whether it’s effective. This critical function is only successful if there are sensors installed on every device on the network. In security circles, this is known as sensor grid density. Are there enough CDM sensors reporting data on cyber risks to give information security and IT operations a clear picture of what is happening on the network?

The Kaspersky incident shows how easily harmful software can be masqueraded, leaving a gaping hole in networks. More compliance checks don’t solve the problem – what’s needed is verification that dangerous software has been removed from the network. The right CDM sensor grid ensures that only trusted software is installed and used. An added benefit is that CDM helps CIOs reduce costs by reporting where software is installed and how often it is being used. CDM is an essential tool for network security and a very effective tool for CIOs who can use it to optimize IT resources. Its adoption will be a giant step forward in securing federal networks.

C4ISR, Cyber, & Space

Invent Your Future

Latest News

Removing Risk
Removing Risk: Investigating Data on the Dark Web
CACI’s DarkBlue® Intelligence Suite provides secure and safe access to...
Soldier in field looking towards horizon
All-Domain Sensing: Enabling Long-Range Speed and Precision
Situational awareness and speed to action are critical to mission success...
Delivering Advanced Space-Based PNT with CACI’s Latest DemoSat Launch
CACI launched two breakthrough software payloads from Vandenberg Space...
CACI Spotlight Series: Defining the Factory
The term ‘factory’ is very important to the ASF’s Agile-at-Scale delivery...