How The State of Colorado Secured its Infrastructure with McAfee SIEM0
We at McAfee obviously believe that Enterprise Security Manager (ESM), our Security Information and Event Management (SIEM) solution, is a fantastic tool to help harden networks from cyber attacks. Corporations trust us to deliver the clearest picture of their network’s security in an instant. Taking this reputation a step further, we are now working with state governments – who often operate with limited budgets and staff resources – to develop comprehensive security plans that address their unique needs. With this in mind, the state of Colorado serves as one of our best SIEM success stories to date.
When Jonathan Trull accepted his place as Chief Information Security Officer for the Governor’s Office of Information Technology in Colorado, he was tasked with updating the governor’s IT security department. Trull had a $6,000 budget to work with — for the entire state.
A difficult task for anyone, but complicating matters was the National Institute of Standards and Technology’s security control framework — the NIST 800-53 — which contained hard-to-implement guidelines for a limited staff with a limited budget. What Trull needed was a tool enabling situational awareness to reduce risk while still complying with regulations like PCI and HIPAA.
“From my position, what I seek more than anything is situational awareness in real time,” Trull said. “I knew if I could get the money and the tools, I could achieve greater risk reduction.”
Trull found his solution with McAfee ESM. McAfee ESM was the only product that met all of his criteria while allowing data to integrate into one dashboard. This streamlined control enabled better practices, helping to protect the state of Colorado’s systems from cyber attacks.
The McAfee team, working with Governor’s Office of Information Technology (OIT), took inventory of Colorado’s technologies, graphing where the state’s security infrastructure lacked and how it could improve before striking a deal to provide flexible McAfee product licensing and three years of on-site consultation.
That consultation started with the Council on Cyber Security’s Top 20 Critical Security Controls — important standards for every organization looking to harden their network to attacks. With McAfee’s guidance, OIT started with the first five controls:
- Inventory of all network devices
- Inventory of all authorized and unauthorized software
- Establishing secure standard configuration of devices
- Vulnerability remediation assessment
- Malware defense
Combined with 15 products addressing the Top 20 Critical Security controls, OIT was able to use the McAfee SIEM solution to establish a secure network, giving Trull the situational awareness he needed with the decision making guidance that helps teams protect networks and stay in compliancy.
Part of creating a comprehensive security solution tailored to Colorado’s needs was tapping into McAfee’s Global Threat Intelligence network. Through our high-performance, powerful SIEM solution, organizations have the ability to locate and respond to malicious activity in real time. With McAfee’s centralized dynamic dashboard, event, threat, and risk data worked together to provide Trull and his team with key security intelligence without the bulk of bolted on solutions. As part of the Security Connected framework, McAfee ESM tightly integrates with McAfee ePolicy Orchestrator (McAfee ePO) software, McAfee Risk Advisor, and Global Threat Intelligence to protect mission critical systems of top companies and state governments.
Read more about how McAfee helped the State of Colorado lock down its networks in the whitepaper here.