Trustwave for Government
Enables government customers to take a holistic approach to security risk management with our long history of supporting the government
Intelligence, defense and civilian agencies, as well as state governments, are prime targets for attackers because they hold vast amounts of personal information about citizens and residents. They also face threats from a range of adversaries, including state-sponsored hackers.
Overview:
Government agencies are getting hit from all sides. Non-state and state-sponsored adversaries continue to probe systems and wage attacks that grow in sophistication. Their end goal ranges from stealing sensitive data and conducting reconnaissance to disrupting and defacing websites.
Insiders after classified information, meanwhile, pose a major threat as well, and roughly half of federal departments and agencies lack the capabilities to implement an effective insider threat program, according to the Information Security Environment’s 2013 annual report to Congress.
A recent report by the U.S. Government Accountability Office, which surveyed the 24 major federal agencies, found they have been inconsistent in implementing cybersecurity requirements from the Federal Information Security Management Act (FISMA).
Specifically, the GAO found issues with the agencies' ability in:
- Designing and implementing risk-based cybersecurity programs.
- Establishing and identifying standards for critical infrastructures.
- Detecting, responding to and mitigating cyberincidents.
Solutions
Trustwave enables our government customers to take a holistic approach to security risk management with our long history of supporting the government. Here are some of the ways we can help:
SIEM
Helps you gain broad visibility of threats to your network and improve your compliance process through logging, monitoring, and analysis of events.
Web Application Firewall
Protects web applications against external attackers who may use vulnerabilities, such as SQL injection, to steal sensitive information.
Secure Web Gateway
Enables safe and productive access to Web 2.0 while ensuring compliance, minimizing data loss and eliminating malware risks
Secure Email Gateway
Prevents bandwidth-hogging spam and data-stealing attacks from entering the network, while inspecting outbound content to ensure confidential data doesn’t exit.
Data Loss Prevention Allows you to discover and classify ePHI and prevent it from leaving the network.
Network Access Control
Ensures managed and unmanaged devices connecting to the network comply with policies and do not introduce malware.
Database Scanning
Application Security Inc.'s DbProtect and AppDetectivePRO discover, assess and report on vulnerabilities, misconfigurations and improper access controls within databases, and map to requirements included in the DHS CDM Program, CIS Security Benchmarks, DISA STIG and FedRAMP.
Penetration Testing
Identifies and manages potential vulnerabilities in your networks, applications or databases.
Security Awareness Education
Instructs your employees and contractors to understand the threat of social engineering and follow best practices for security, including password management and the safe use of web and social media tools.
Benefits:
Detect, Respond and Mitigate
We help you collect and analyze security events so you can spot anomalous behavior before it harms your organization. In the unlikely case of a successful attack, our forensic investigators can immediately come in to identify the source of the attack, determine the extent of the breach, contain any damage and assist your internal response around the clock.
Meet Compliance
Regulatory and industry pressures facing government agencies and departments, notably FISMA and PCI DSS, require organizations to have a thorough understanding of their risks and then be able to implement policies and technology to rectify any deficiencies. Trustwave solutions are created with compliance in mind, and directly can map back to all of your requirements, no matter how prescriptive they are.
Automate and Achieve Simplicity
Through our cloud-based TrustKeeper platform, you get a single view into of your technologies and services, so you can more effectively manage your security program. In addition, you can centrally automate and manage controls, policies and procedures across multiple compliance frameworks. Whether your agency is large or small or something in between, TrustKeeper is built to scale with you.
Documentation:
Download the Trustwave Security Solutions for Government Data Sheet (PDF).
Download the Trustwave SIEM for Government Data Sheet (PDF).
Download the Trustwave Data Loss Prevention for Government Data Sheet (PDF).
Download the Trustwave Network Access Control for Government Data Sheet (PDF).
Download the Trustwave PCI Compliance Program for State Government Data Sheet (PDF).