In previous blog posts, I spent a good deal of time focusing on the threat landscape facing State, Local Government and Education systems. Recently, I talked about risks to critical infrastructure and cyber threats to vitally important programs such as Medicaid, and I also cautioned against pitfalls in security strategies that too many leaders and practitioners overlook.
In this post, I’d like to take a step back and paint a vivid picture of FireEye’s identity as a partner to the State, Local Government and Education sectors. From our experience working with numerous clients in local government, higher education institutions, K-12 districts and nearly half of State governments in the U.S., we have developed a unique understanding of the challenges individuals are facing, and we have aligned our solution and product development to help them rise above those challenges.
Improving visibility of the threat landscape, using red-team exercises to put security teams to the test before an attack, addressing workforce shortages through our managed services or staff augmentation, providing advanced warning of threats over the horizon from our threat intel, delivering detection on all forms of attack and helping teams focus on what matters most – this is what we do at FireEye.
Put simply, we help organizations take a lean, forward, proactive approach to cyber security.
FireEye is well known as the “Advanced Persistent Threat” or “Breach Response” company. While we are extraordinarily proud of our history of helping clients address aggressive attacks from advanced adversaries such as nation states, we view our role a bit more holistically. FireEye is not solely focused on one threat vector or type of adversary; rather, we are focused on countering evolving threats facing public and private sector organizations around the globe.
Regardless of the adversary – criminal, hacktivist or nation state – and regardless of the techniques, tactics and procedures that they employ, FireEye delivers services and products designed to restore a position of confidence in the face of attacks. We exist to protect critical infrastructure and put an end to the theft of America’s competitive future driven through intelligence collection, intellectual property theft, and the theft of personally identifiable information.
Our view is that the security industry is in the midst of a revolution, and we are leading it – moving away from reactionary, event based strategies towards a proactive, intelligence-led approach. While we believe we are in the best position to bring about this revolution by helping drive change across people, process and technology, we recognize we cannot solve the world’s cyber problems alone.
As such, we pride ourselves in acting as an unbiased partner by devoting our expertise to cyber security commissions and task forces at the State and national levels. We are proud of the role we played in the first-ever all-state cyber security summit. We have formed partnerships with State Fusion Centers to share threat information and train Fusion Center analysts. We are equally proud of the work we do with the National Association of State CIOs (NASCIO). We are honored to help heighten awareness of cyber security threats, trends and new approaches by informing elected officials, including Governors and their staff, Legislators, county elected officials, key senior agency staff such as Homeland Security Advisors, CIOs and CISOs, Medicaid directors and University officials.
We are committed to advancing America’s national security interests by supporting the creation and adoption of policies that drive better preparedness, compliance, resiliency, measurement and assurance. For example, we are heavily engaged in the Information Sharing and Analysis Organization development process and we have participants in every working group.
How We Can Help Today and in the Future
Whether through information sharing, support with preparedness, force multiplication, advanced warning from cutting edge intelligence, advanced detection, security as a service, or prioritization and rapid response, FireEye stands at the ready to help turn the tide against adversaries.
Our services and solutions are cutting edge and designed with evolving threats in mind. In fact, we were the first organization awarded SAFETY Act certification by the Department of Homeland Security.
- Information Sharing – Increasing Visibility of the Threat Landscape: Currently, the FireEye Information Sharing Network facilitates the open sharing of hundreds of thousands of malware samples on a daily basis, provides an avenue for one-on-one sharing of information deemed more sensitive, and serves as a pathway for advanced notice of FireEye’s proprietary security research. The information shared is anonymized to exclude personally identifiable information or anything that could identify a victim company, and the information shared by FireEye adheres to the strict confidentiality obligations contained in our customer agreements.
- Preparedness – Putting Defenses to the Test: We believe that the best way to ensure individuals are ready to respond to and thwart attacks is to continually test the people, processes and technology for readiness. We have developed an entire suite of services (red-teaming, pen testing, security program assessments, response readiness assessments, etc.) focused around preparedness, and a majority of our clients across the State, Local and Education domains employ these services today.
- Force Multiplication, Security as a Service and Rapid Response – Overcoming Employee Shortages: We understand that individuals are struggling to fill the massive cyber security employment gap that exists across the country. Whether through retaining one of our experts on premises as a Forward Deployed Analyst, adopting our FireEye as a Service offering or retaining us under an Incident Response Retainer, we put forth our best and brightest to work on any cyber mission.
- Advanced Warning – Keeping Pace with Threats Over the Horizon: Through our Intelligence offerings, we provide the most comprehensive view into threats over the horizon. We provide a contextually based understanding of the past, present and future capabilities of an individual’s adversaries and keep eyes on attackers in the same way they are keeping eyes on our clients.
- Advanced Detection – Stopping Advanced Attacks at the Doorstep: We help individuals detect and prevent attacks at the doorstep without the need for signatures and regardless of the attack surface. Network, email, mobile, and endpoint – we provide protection at the point of attack.
- Prioritization – Helping Teams Address What Matters Most: Filtering the noise and focusing resources on the threats that matter most is possibly one of the most difficult yet important challenges to overcome. We have developed a suite of Security Management solutions that focus on central management, orchestration and threat analytics to help people overcome this challenge.
By threading these elements together, we believe we have created the most comprehensive, next generation cyber security platform – a platform that is flexible, customizable, and offered in a variety of form factors and cost models, based on our client’s unique needs.
I sincerely hope that this provides better awareness of our role in supporting our client’s missions, and I hope it gives an understanding of how we aim to help our customer’s overcome the challenges of today and tomorrow.
I invite anyone to drop us a line to further discuss any of the aforementioned details, and I encourage and welcome everyone to continue coming back to this blog for more of our insights into threat trends and other germane challenges we are seeing in the State, Local Government and Education communities.