Cybersecurity for State, Local and Educational Organizations: A Discussion with David Balcar, Security Strategist, VMware
In this article
CISOs at state, local and educational (SLED) organizations have multiple competing priorities: secure remote access and distance learning programs; provide enhanced citizen and student services; modernize apps; and contain costs – all while protecting data, maintaining operations and complying with regulatory mandates. Adding to that is the ever-increasing threat landscape, most notably the emergence of successful ransomware attacks on these organizations.
Bottom line is that protecting citizen and student data and information within SLED environments from evolving external threats while maintaining compliance and efficiency is critical. But how do these organizations enhance their cyber posture with limited resources and budget?
Prior to our Public Sector Tech Talk episode that aired on Tuesday, June 8, I sat down with David Balcar, Security Strategist for VMware to discuss the security challenges facing SLED organizations and to hear his perspectives on potential approaches to consider. Here are a few takeaways from that conversation.
In your opinion, what is the key challenge facing SLED organizations?
The fact remains that SLED organizations, over time, have purchased and deployed multiple security products from multiple vendors into various levels of their environments. Frankly, there are just too many solutions—in fact, some statistics show over 3,600 companies right now are working to solve various security problems—and there is simply no way for CISOs to get their heads around the sheer number of vendors, let alone understand how to integrate those different products within their networks.
Orchestrating a complex suite of solutions is prone to configuration issues and that's what Cyber Criminals are looking for. SLED organizations are getting breached at an unprecedented rate. This is why it is important to build security into an organization's infrastructure. From our perspective, that's why Intrinsic Security is important.
Will you please provide background on how VMware's Intrinsic Security approach can help?
Intrinsic Security is not a product, tool or bundle. It is a strategy for leveraging an organization's infrastructure and control points in new ways—in real time—across any app, cloud or device. It's a strategy that includes building security into an environment, not bolting it on. Rather than relying on a standalone product for each capability, Intrinsic Security maximizes controls directly built-in to the infrastructure. By leveraging the virtual layer, SLED organizations can use their existing infrastructure in new ways to protect endpoints and workloads, networks, workspaces, and clouds, while gaining greater visibility and control over policies. Intrinsic Security enables SLED organizations to:
- Segment networks and inspect traffic
- Consolidate endpoint and workload protections
- Protect digital workspaces
- Mitigate cloud security risks
- Adopt a zero trust architecture
Ultimately, Intrinsic Security provides rich context, not just about threats, but about endpoint, workload, network, workspace and cloud protections. Having this level of visibility can identify known behaviors and intended actions, including those aligned with applications, data, users, access points and configurations. It provides powerful knowledge that, combined with the latest threat intelligence, enables organizations to act faster to prevent and respond to new threats.
Do you have an example of how this has worked in a SLED environment?
Yes, absolutely. Osceola County Sheriff's Office serves the 360,000 residents of Osceola County, Florida. Its 500 officers and 300 civilian support staff work with the community to provide a safe and secure environment to live, work and visit. The Sheriff's Office must comply with many technology standards, including Florida Department of Law Enforcement (FDLE) and FBI Criminal Justice Information Services (CJIS) standards. It prioritized several initiatives to comply with these standards, including improving micro-segmentation while supporting growing security requirements.
From a security perspective, Osceola County Sheriff's Office leveraged the network visibility capabilities of VMware vRealize Network Insight, which played an important role during the deployment of NSX Data Center by helping the team better see traffic and understand communication between virtual servers. VMware Carbon Black Cloud added another layer to the Intrinsic Security strategy by providing end-to-end cybersecurity protection for law enforcement data.
In fact, Daniel Caban, director of information technology at Osceola County Sheriff's Office, offered this quote about the program:
"We feel VMware Carbon Black and its machine learning capabilities help fortify the security posture of the sheriff's office. The ease of use of VMware Carbon Black® Cloud Managed Detection™ takes a significant burden off my staff to ensure each endpoint and service is secured. Having the ability to know the exact process a threat takes to compromise a device enables my staff to analyze and take future actions so a threat cannot happen again."
What would you like to leave us with today?
CISOs in SLED organizations are under extreme pressure to protect citizen and student data as well as the interests of their states, localities, schools and universities. They need a comprehensive platform that provides visibility across all aspects of a network, as opposed to the patchwork, tools-based approach that generates significant vulnerabilities. Intrinsic Security simplifies and secures remote access; protects critical infrastructure, workloads, endpoints and data; as well as reduces costs while reducing risk.
For more, I invite you to listen to my Public Sector Tech Talk episode with David Balcar of VMware, available to stream now at the button below.