eGov Today

News and Insights from NIC Inc.

  • NIC Presents at Industry Security Summit

    By Leo Walsh |

    Recently I had the opportunity to deliver a case study presentation at the annual Gartner Security and Risk Management Summit. This conference offers Information Security Professionals from all levels of management the opportunity to learn about industry trends and discuss common issues with their peers. Specifically, I spoke about “Automating Firewall Management,” and how at NIC we have worked to simplify our large and complex firewall rule base, monitor detailed traffic flows, and automate manual compliance checks and audit processes.

    In addition to my presentation, the common theme among several sessions was that threat intelligence is becoming an increasingly valuable tool in protecting our infrastructures. As a result of the constant cat-and-mouse game we play with attackers, our Industry must move beyond the static practices of the last 10 years toward more dynamic, rapidly evolving solutions and process.

    Another valuable component of the summit, were the one-on-one peer sessions. In particular, I was able to discuss and learn about Identity Management within the government space. There are many technical challenges that governments share with the private sector in this area. However, governments are also saddled with some laws that force and/or forbid agencies to share identity information with others. Complying with conflicting laws is compounded by limited Federal- level guidance on how to safely implement Identity Management. One publication that I believe can be helpful for our government partners is the draft publication for Attribute Based Access Control (ABAC) from the National Institute of which should give guidance that agencies need to confidently implement ABAC. The publication is SP 800-162 and can be found here: http://csrc.nist.gov/publications/PubsDrafts.html#SP-800-162.

     

    Add Your Comment

    Post

    Leave a comment

CATEGORIES