Federal agencies face a conundrum: They are the targets of relentless cyberattacks yet lack enough skilled personnel to combat them. State-affiliated actors, responsible for more than half of public administration data breaches1 combine never-before-seen malware with other techniques to infiltrate agencies and steal data or disrupt operations. With many thousands of new threats created every day,2 agencies have a hard time keeping up.
Advanced threat prevention (ATP) products were developed to combat new threats. Unfortunately, procuring, installing, configuring, and managing additional hardware introduces more time and operational overhead. As threats increase in number and variety, agencies must undertake costly, time-consuming deployments and make architectural or operational changes to keep pace.
That’s where the first weapon, cloud-delivered services, can help. Cloud-delivered malware analysis and prevention offers swift deployment, easy configuration, global visibility, and auto-scaling as threats increase. Palo Alto Networks just announced the first and only cloud-delivered malware prevention service authorized for use for the U.S. government. WildFire malware prevention service, offered as a subscription with Palo Alto Networks next-generation firewalls, is now Federal Risk and Authorization Management Program (FedRAMP) authorized. This means U.S. federal agencies can free up capital and operating expenses previously used for purchasing, deploying, and managing on-premises threat detection and analysis hardware while ensuring data privacy and availability through security controls that meet stringent requirements.
WildFire combines cloud delivery with a second weapon—automation—to detect and prevent both highly targeted and blanket attacks from impacting agencies. U.S. government agencies benefit from:
- Swift prevention: WildFire leverages real-time data from the industry’s largest global threat sharing community while keeping agency information private. A suite of complementary analysis engines uses machine learning and other advanced capabilities to discover never-before-seen threats. If WildFire identifies a new threat, it automatically creates and delivers protections against that threat to network, endpoint, and cloud sensors in as few as five minutes after discovey anywhere in the world. Cloud-based detonation chambers scale with demand, providing quicker identification and distribution of new countermeasures.
- Efficient security operations: WildFire constantly and automatically creates and delivers protections to counter the latest threats—no humans required. These automated protections result in fewer events per analyst hour (EPAH) for short-staffed InfoSec and network teams. WildFire also saves SOC teams time with detailed insight into identified threats, indicators of compromise, and how they were blocked across traffic and protocols.
- Reduced cyber risk: With more than 29,000 customers around the world contributing sample files and URLs, WildFire can protect agencies from threats before the agencies ever see them. Agencies will also never miss an update or run out of analysis capacity.
For more information on how cloud–delivered services and automation combine to protect federal agencies from the latest malware, exploits, and more, visit our WildFire: U.S. Government page or contact your sales representative.
- Verizon, “2018 Data Breach Investigations Report,” April 2018, https://enterprise.verizon.com/resources/reports/DBIR_2018_Report.pdf.
- WildFire global threat sharing community discovers, on average, 10,000 new pieces of malware daily out of 10 million samples collected.