Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Independence Day

In cybersecurity as in national security, remembrance and eternal vigilance are essential to maintaining our freedom.

Our nation has seen many changes since its founding 240 years ago, and it still is functioning pretty well despite the fact that our security and economy today depend largely on technology that did not exist a little more than a generation ago. But the keys to protecting our liberty and promoting the general welfare remain the same in cyberspace as in the real world: remembrance and eternal vigilance.

Remembrance

Those who cannot remember the past are condemned to repeat it

During our Independence Day celebrations we remember the challenges our nation has faced and the lessons we have learned from them. George Santayana wrote, “Those who cannot remember the past are condemned to repeat it.” The threats we have faced in the real world are varied, but we have learned from them and meet them with a strong defense and national resolve. Unfortunately, this is a lesson we still are learning in cyberspace. Despite repeated high-profile breaches of government information systems, our cybersecurity remains incomplete.

A recent evaluation by the Government Accountability Office found that 18 Executive Branch agencies with high-impact systems—those holding sensitive information whose loss could cause catastrophic harm—rated cyberattacks from nation-states as the most dangerous and frequently-occurring threat these systems face. Yet although there are regulatory requirements and technical guidance from the National Institute of Standards and Technology, a review of four agencies found cybersecurity gaps in their high-impact systems.

“Until the selected agencies address weaknesses in access and other controls, including fully implementing elements of their information security programs, the sensitive data maintained on selected systems will be at increased risk,” the report concluded.

Vigilance

Agencies should be constantly monitoring the status of and activity on their networks and attached systems

One of the basic principles for fully securing our information systems was recognized nearly 200 years ago: “Eternal vigilance is the price of liberty." Thomas Jefferson and the others to whom this statement has been attributed were not talking about cybersecurity, but it applies just the same. The Homeland Security Department has made continuous monitoring the standard for federal cybersecurity. This means that instead of static, periodic assessments of IT systems every month, year, or three years, agencies should be constantly monitoring the status of and activity on their networks and attached systems. This level of visibility allows agencies to not only respond quickly to incidents, but to be proactive and eliminate or mitigate threats before they become incidents.

This standard is supported by the Continuous Diagnostics and Mitigation (CDM) program, and by a Blanket Purchase Agreement through the General Services Administration. This makes available off-the-shelf technology to give real-time visibility into government networks and systems. Products such as the Tenable SecurityCenter Continuous View™ provide this vigilance so that agencies can ensure that their systems are protected, and the intelligence needed to protect our most valuable assets by defending against the most serious threats.

Security and liberty

In recent years attention has been paid to an apparent conflict between security and liberty. Yet while it is true that liberty can be threatened by abuses in the name of security, the two are not mutually exclusive. In fact, there is little liberty without security. As with so much else, this applies in cyberspace as well as the real world.

There is little liberty without security

Without adequate security, we cannot have the freedom to access and use information online with confidence, we cannot rely on the privacy of information that we use in online transactions, and we cannot depend on the delivery of critical services by our government. We achieve that security by remembering and learning from the lessons of the past, and by exercising eternal vigilance.

Related Posts

Subscribe to the Tenable Blog

Subscribe
Try for Free Buy Now

Try Tenable.io

FREE FOR 60 DAYS

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Sign up now.

Buy Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

$2,275.00

Buy Now

Try for Free Buy Now

Try Nessus Professional Free

FREE FOR 7 DAYS

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy Nessus Professional

Nessus® is the most comprehensive vulnerability scanner on the market today. Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save

Try for Free Buy Now

Try Tenable.io Web Application Scanning

FREE FOR 60 DAYS

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable.io platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Buy Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

5 FQDNs

$3,578.00

Buy Now

Try for Free Contact Sales

Try Tenable.io Container Security

FREE FOR 60 DAYS

Enjoy full access to the only container security offering integrated into a vulnerability management platform. Monitor container images for vulnerabilities, malware and policy violations. Integrate with continuous integration and continuous deployment (CI/CD) systems to support DevOps practices, strengthen security and support enterprise policy compliance.

Buy Tenable.io Container Security

Tenable.io Container Security seamlessly and securely enables DevOps processes by providing visibility into the security of container images – including vulnerabilities, malware and policy violations – through integration with the build process.

Learn More about Industrial Security

Get a Demo of Tenable.sc

Please fill out the form below with your contact information and a sales representative will contact you shortly to schedule a demo. You may also include a short comment (limited to 255 characters). Please note that fields with asterisks (*) are mandatory.