Last year, three-quarters of the U.S. federal government’s IT budget was spent on supporting and maintaining legacy systems. Combined with the Cloud Smart strategy, agencies have more reasons than ever to consider cloud alternatives to on-premise applications, services and storage.
Cybersecurity is one cloud service that can make a big impact. Like other services from the cloud, cloud-delivered security scales quickly and easily and simplifies deployment and management. These are all attractive traits for departments struggling under the weight of their IT infrastructure.
But cloud-delivered security has other advantages. Zero-day malware prevention is a great way to start with security from the cloud since you can reap immediate dividends. First, many agency departments do not have zero-day threat prevention protecting all of their assets, such as desktops, servers and cloud workloads. Rather than adding new products to your on-premise infrastructure, begin as you mean to continue: in the cloud.
Reduce risk from constantly increasing cyberthreats
Second, unknown or zero-day malware and ransomware are increasing in volume, velocity and variety. We’re still seeing a year-over-year increase in the amount of malware targeting governments. We are also seeing new threats that are successfully infiltrating governments and enterprises. As an example, cryptojacking is a relatively new malware area that increased a thousand percent in governments over the last year, according to Palo Alto Networks AutoFocus contextual threat intelligence service. Hackers use cryptomining malware to infiltrate servers and endpoints, and then use their computing power to mine cryptocurrency for profit. Governments, with their huge amount of computing resources, are a popular target. Once hackers start mining, server energy consumption goes up and lifecycle goes down, threatening citizen services as well as critical infrastructure.
Prevent data breaches
Cryptomining malware is a small but growing threat, but it’s also the “canary in the coal mine.” If a hacker can penetrate your servers, it’s a strong signal that your servers can be compromised to steal data. Cyberespionage is still the primary motive behind public administration data breaches and most threat actors use more than one type of malware to gain access and quickly exfiltrate data. Zero-day malware prevention in the cloud scales quickly and automatically to deal with spikes in malware activity.
Gain the wisdom of the cloud crowd
While scalability and operational efficiency are excellent advantages, the real benefit of cloud-delivered malware prevention is the fact that it can deliver better threat intelligence. With a cloud repository, your agency has the potential to leverage the wisdom of a global threat sharing community. Thousands of new pieces of malware are created every day around the world, and they travel quickly, targeting governments before they can adapt their defenses. Not only can you receive threat intelligence on malware seen in other government departments, you can benefit – in seconds – from other governments or industries around the world reporting the malware they have seen. And since the cloud is everywhere, its threat intelligence can even reach the computers of employees who are traveling outside the agency network.
Automatic protections – the gift that keeps on giving
Of course, your SOC can’t possibly detect, let alone build protections against, multiple pieces of malware every day. That’s where automation comes in. In terms of the cyberattack lifecycle, it’s best to use automation in the early stages of a cyberattack, preventing malware and exploits from getting further along the lifecycle. Cloud-delivered malware prevention can speedily detonate malware, analyze it, and develop and deliver protections against it in minutes. That frees up time for the valuable resources in your SOC to focus on hunting persistent threats.
Preventing breaches is the goal of every agency. If you want to learn more about how Palo Alto Networks helps agencies automatically detect and prevent malware, visit our page for WildFire: U.S. Government, a FedRAMP authorized, cloud-delivered service.