Dennis Reilly, vice president of federal sales at network visibility platforms provider Gigamon (NYSE: GIMO), has said government agencies should adopt cybersecurity platforms that work to provide “pervasive visibility” into data across all networks in order to prevent data breaches.
Reilly wrote that advanced persistent threat actors use a six-stage framework, called the APT Kill Chain Model, to steal information from victims’ computers and networks.
The APT Kill Chain Model involves network reconnaissance, zero-day attack or phishing, backdoor malware installation, lateral movement, data collection and exfiltration stages, Reilly said.
He noted that agencies should deploy cyber tools that work to detect malicious network activities across all phases of the model, analyze network metadata, use behavioral analytics and perform security information and event management in order to identify network threat actors.
Reilly also advised agencies to implement an approach designed to offload Secure Sockets Layer decryption in an effort to gain visibility into network traffic across virtual, physical and cloud environments.
“What you can’t see, you can’t protect, ” Reilly noted.
“That’s why it is critical both to see data that’s in the clear and to decrypt any encrypted data so nothing is missed, ” he added.