Presentation is loading. Please wait.

Presentation is loading. Please wait.

Antivirus Technology in State Government Kym Patterson State Chief Cyber Security Officer Department of Information Systems.

Similar presentations


Presentation on theme: "Antivirus Technology in State Government Kym Patterson State Chief Cyber Security Officer Department of Information Systems."— Presentation transcript:

1 Antivirus Technology in State Government Kym Patterson State Chief Cyber Security Officer Department of Information Systems

2 Current World Environment 25,000 new virus samples submitted daily Antivirus vendors leaning toward whitelisting 80% of malware is motivated by money Increasingly hard to detect malware

3 Bot Activity Bots talking to each other in different ways No command and control servers to identify Communication between bots through peer to peer mode via encrypted web channels

4 Current State Network Environment SCSO tracks 150 ongoing issues each day 50 new issues identified each day More than 5,000 DNS resolutions to foreign servers daily o Most popular DNS server is in Eastern Europe Several hundred incident notifications from external organizations each year At any given time, there are 60 state computers acting as primary nodes on a peer to peer network o Three of these computers typically generate 500,000 peer to peer sessions daily

5 Current State Environment Purchase antivirus and endpoint protection software from 10+ vendors at several price points Run 60 versions of these types of software Some organizations don’t update signature files Organizations pose a threat to each other on the state network

6 Future State Limit number of AV or endpoint protection products in our environment Make wise use of state dollars by combining buying power More bandwidth and computer availability due to low infection rate Improved productivity resulting in better government service delivery Improved response time to cyber outbreaks

7 Advantages of Less Diverse Environment Total cost of ownership would be less o Savings could be spent on other security measures More organizations likely to buy and be protected o Less threat on the state network Better reporting and auditing Improved compliance with security mandates Shorter threat period by working with fewer vendors Manageability and scalability Increased network reliability and performance

8 Endpoint protection can include: Host-based intrusion prevention system Firewall Antivirus Antispyware Central management capability Data Loss Prevention Encryption

9 Next Steps Gather requirements from agencies and state security working group Work with Office of State Procurement to identify vendors to provide antivirus and endpoint protection products on state contract Agencies would determine migration to these products as existing software licenses expire

10 Possible Antivirus and Endpoint Protection Requirements Ease of use Update frequency Service and support Update distribution Audit and report capability Log On demand scanning Port control Encryption Scheduled scans Link scanner Cross browser Webmail protection Ability to run on multiple platforms Script protection Malware detection capabilities Policy management

11 SAMPLETIMELINESAMPLETIMELINE

12 Questions? Kym Patterson State Chief Cyber Security Officer Department of Information Systems


Download ppt "Antivirus Technology in State Government Kym Patterson State Chief Cyber Security Officer Department of Information Systems."

Similar presentations


Ads by Google