For malicious actors, capturing the data held in government information systems represents hitting the jackpot, and we continue to see this reflected in the persistent, and highly motivated efforts of adversaries against government systems. In almost every recent breach, misuse of privilege accounts and passwords is a common theme. But external attacks against privileged accounts can be surprisingly predictable.

Government IT professionals are faced with the challenge of balancing the need to protect critical data with the need to enable users and administrators to be efficient and effective in support of agency mission achievement. So how can this be achieved, while thwarting the efforts of malicious actors?

In this brief explore:

  • Patterns of the external attack
  • Defending against gained entry
  • Preventing access
  • Blocking malicious action