Introduction
The United States federal government relies heavily on information technology (IT) to drive efficiencies and increase public engagement. However, an increase in cyberattacks and data breaches impacting government operations creates a storm of risks and challenges. Cybersecurity risks massively impact department and agency operations, eroding public trust and decreasing the capability to deliver mission-critical functions. In response to damaging cyberattacks, data breaches, budget pressures, and public expectations, the U.S. government is changing how it addresses cybersecurity risks. Currently, it uses four key strategies to protect its sensitive data and safeguard its critical infrastructure:
• Proactive cyber threat hunting1
• Increased use and sharing of cyber intelligence data2
• Continuous security monitoring, with a focus on boundary protection and security event lifecycle management3
• Automation and orchestration of security operations
