•  

    Government

  • Speak with a Trustwave sales specialist to learn more.

    Looking for support? Use our global network of support specialists to get help. Get support now
      
  • Intelligence, defense and civilian agencies, as well as state governments, are prime targets for attackers because they hold vast amounts of personal information about citizens and residents. They also face threats from a range of adversaries, including state-sponsored hackers.

Overview

  • Government agencies are getting hit from all sides. Non-state and state-sponsored adversaries continue to probe systems and wage attacks that grow in sophistication. Their end goal ranges from stealing sensitive data and conducting reconnaissance to disrupting and defacing websites.

  • Insiders after classified information, meanwhile, pose a major threat as well, and roughly half of federal departments and agencies lack the capabilities to implement an effective insider threat program, according to the Information Security Environment’s 2013 annual report to Congress.

    A recent report by the U.S. Government Accountability Office, which surveyed the 24 major federal agencies, found they have been inconsistent in implementing cybersecurity requirements from the Federal Information Security Management Act (FISMA).

  • Specifically, the GAO found issues with the agencies' ability in:

    • Designing and implementing risk-based cybersecurity programs.
    • Establishing and identifying standards for critical infrastructures.
    • Detecting, responding to and mitigating cyberincidents.

Solutions

  • Trustwave enables our government customers to take a holistic approach to security risk management with our long history of supporting the government. Here are some of the ways we can help:

  • Database Scanning 

    DbProtect and AppDetectivePRO discover, assess and report on vulnerabilities, misconfigurations and improper access controls within databases, and map to requirements included in the DHS CDM Program, CIS Security Benchmarks, DISA STIG and FedRAMP.

    Application Scanning 
    Protect all of your web and mobile applications with comprehensive vulnerability testing from the Trustwave App Scanner family of solutions.


    Web Application Firewall 

    Protects web applications against external attackers who may use vulnerabilities, such as SQL injection, to steal sensitive information.

    Penetration Testing 

    Identifies and manages potential vulnerabilities in your networks, applications or databases.

    Secure Web Gateway 

    Enables safe and productive access to Web 2.0 while ensuring compliance, minimizing data loss and eliminating malware risks

    Secure Email Gateway 

    Prevents bandwidth-hogging spam and data-stealing attacks from entering the network, while inspecting outbound content to ensure confidential data doesn’t exit.

    Data Loss Prevention 

    Allows you to discover and classify ePHI and prevent it from leaving the network.

    SIEM 

    Helps you gain broad visibility of threats to your network and improve your compliance process through logging, monitoring, and analysis of events.

    Network Access Control 

    Ensures managed and unmanaged devices connecting to the network comply with policies and do not introduce malware.

    Security Awareness Education 

    Instructs your employees and contractors to understand the threat of social engineering and follow best practices for security, including password management and the safe use of web and social media tools.

Benefits

    • Detect, Respond and Mitigate

      We help you collect and analyze security events so you can spot anomalous behavior before it harms your organization. In the unlikely case of a successful attack, our forensic investigators can immediately come in to identify the source of the attack, determine the extent of the breach, contain any damage and assist your internal response around the clock.

    • Meet Compliance

      Regulatory and industry pressures facing government agencies and departments, notably FISMA and PCI DSS, require organizations to have a thorough understanding of their risks and then be able to implement policies and technology to rectify any deficiencies. Trustwave solutions are created with compliance in mind, and directly can map back to all of your requirements, no matter how prescriptive they are.

    • Automate and Achieve Simplicity

      Through our cloud-based TrustKeeper platform, you get a single view into of your technologies and services, so you can more effectively manage your security program. In addition, you can centrally automate and manage controls, policies and procedures across multiple compliance frameworks. Whether your agency is large or small or something in between, TrustKeeper is built to scale with you.

Resources

  • Documents