Thales e-Security’s Wayne Lewandowski: Federal Govt Should Invest in Enterprise Asset Protection

APTFilter AVGNews CERT-LatestNews FSecureNews KasperskyNews Malware McAfeeNews Security News SocialEngineering SophosNews SymantecNews ThreatsActivists ThreatsCybercrime ThreatsEconomic ThreatsStrategic TrendMicroNews Uncategorized VulnerabilitiesAdobe VulnerabilitiesAll VulnerabilitiesApple VulnerabilitiesApplications VulnerabilitiesCisco VulnerabilitiesCrypto VulnerabilitiesDBMS VulnerabilitiesFirmware VulnerabilitiesGoogle VulnerabilitiesHardware VulnerabilitiesLinux VulnerabilitiesMicrosoft VulnerabilitiesMozilla VulnerabilitiesNetwork VulnerabilitiesOS VulnerabilitiesVMWare VulnerabilitiesVOIP

Wayne Lewandowski

Wayne Lewandowski, vice president of federal business at Thales e-Security, has said he believes the U.S. government should shift cybersecurity spending from endpoint or network security to enterprise-wide protection of possible targets such as data.

Lewandowski told Federal News Radio in an interview that aired Monday the 2017 Thales Data Threat Report shows cyber budgets increased by 61 percent across the federal government.

The report, prepared by Thales e-Security and 451 Research, also revealed that only 25 percent of federal agency respondents believed there were no identified breaches or intrusion in their networks — the lowest among all sectors surveyed.

“We’re still seeing a significant investment in network security and endpoint security as a way of solving the problem and quite frankly that’s not where the issue is,” Lewandowski noted in the interview.

“We have to make the assumption that the adversary is in our network and has accelerated their ability to gain higher levels of access to privileged user accounts,” he added.

Lewandowski told the station he observed attackers are more interested in monetizing exfiltrated data, such as personally identifiable information, than carrying out nationwide attacks or breaches of that nature.

He said insider threats and attacks can be mitigated through access controls, proper key management and encryption, which can reduce privileged users’ operating space without impacting their effectiveness.