The Importance of Network Insight
December 05, 2019 by
The number of cyberattacks threatening the public sector is growing. Many government organizations simply don’t have the technical resources on staff to handle the ever-increasing risks, and very few have dedicated security experts who can manage fully effective cybersecurity programs.
Because cybercriminals can evade traditional defenses, a network can be compromised in a matter of minutes. And studies show that it can take an agency anywhere from months to a year to uncover an intruder, let alone recover from the fallout.
Aaron Kostyu, director of technology for Lowndes County, GA, understood the risks and knew he needed better insight into the activities on his network, but also faced the common staffing hurdles.
Managed Threat Detection
A solution arose in the form of a managed threat detection service. Because the service included analysis by security experts, Kostyu felt as if he had a natural extension of his staff. “We feel strongly that it takes human eyes and logic to be able to quickly and efficiently spot suspicious activity and defend against today’s hacker activity that is constantly evolving to infiltrate systems," he noted.
The same day the county deployed the new service, an analyst discovered a type of malicious Trojan on a compromised computer that could potentially provide unauthorized access to an attacker. The analyst immediately alerted Kostyu’s team, which removed the infected end user machine from their network. As it turned out, the Trojan had been on the device and undetected since 2014.
In addition to catching an existing breach, the service provides daily reports that educate the county’s staff on what normal network traffic looks like. According to Kostyu, “awareness of my network has increased 80%.” Small things that appear on reports are newly noticeable, and insight into all network traffic is better informing the team’s actions.
"There is absolutely no way for a CIO or technology director to be aware of what is going on in their environment without a tool like Tyler Detect,” stated Kostyu. “Knowing that I have security experts monitoring my traffic 24/7 for any deviant behavior is an added bonus that gives me and the county’s management team peace of mind."