Business Drivers City, county, and municipal governments seek to provide more services for less. Managing resources and budgets to achieve this goal extends to IT and Operational Technology, or OT, networks, even as local governments adopt a range of digital technologies to better serve citizens and improve efficiency. Digital government initiatives offer easier access to services for citizens and businesses. For employees, laptops and mobile devices enable valuable work outside government offices. Remote sensors and devices automate services, gather data and monitor equipment for smart cities and SCADA networks. These networks, devices and data need protection, and local governments want to use security resources efficiently – particularly since the demand for cybersecurity professionals outstrips supply.1Local governments must regularly demonstrate compliance with applicable data protection, privacy, accounting and other regulations.
Business Problem Every expansion into digital technologies introduces potential vulnerabilities and points where the network can be infiltrated. Government data breaches usually involve the loss of valuable personal information or confidential data while nation-state attacks and hacktivism threaten critical infrastructure. As hackers and their techniques become more sophisticated, it’s difficult for employees to discern legitimate links and files from targeted attacks designed to steal credentials or sensitive information. To complicate matters, experts say local governments are disproportionately targeted by ransomware.2High-profile data breaches have elevated the importance of cybersecurity in senior government positions. Management now wants regular reports on cybersecurity statistics and effectiveness. These are proving difficult and time-consuming to pull together as security products proliferate.
As cyberattacks increase in volume and sophistication, governments are finding it more difficult to keep pace with thwarting them. Since 98 percent of network compromises take only minutes to execute,3 the focus must be on prevention rather than detection. Preventing the spread of new or multi-method threats requires correlation and coordination, which are two areas where discrete security functions – such as within a UTM – and products fall short. Correlation and coordination become even more difficult to execute as the number of vendors and products increases. Finally, local governments must regularly demonstrate compliance with applicable data protection, privacy, accounting, and other regulations. Data aggregation and correlation between multiple security products to support these initiatives are time-consuming for security teams.
Products deployed: Stage 1:
- Palo Alto Networks PA-5050 next-generation firewall with subscriptions to Threat Prevention, URL Filtering and WildFire cloud-based threat analysis service
- PA-5060 next-generation firewalls with Threat Prevention, URL Filtering and WildFire
- Panorama™ network security management
- WildFire private cloud appliances – WF-500
Stage 2:
- Aperture SaaS security service
Stage 3:
- Traps advanced endpoint protection
- (24) PA-5060 next-generation firewalls with Threat Prevention, URL Filtering and WildFire
Stage 4:
- PA-7080 next-generation firewalls with Threat Prevention, URL Filtering and WildFire
Conclusion As local governments embrace more digital technologies, they must find ways to efficiently protect the data entrusted to them, maintain critical and everyday operations, and serve citizens efficiently. Network and security teams have enough to manage without constant manual security updates, log aggregation, event correlation and security actions from multiple management interfaces. A survey of almost 150 of our customers showed that consolidating multiple security functions on a single platform resulted in Opex savings and, moreover, improved attack analysis.4 These customers deployed an average of 3.2 subscriptions on their next-generation appliances and reported average reductions of:
26 percent in the amount of time required to add new rules to manage their firewalls. 25 percent in the number of security alerts requiring human intervention. 30 percent in the time it takes an analyst to investigate an event in order to drive a technical action to prevent or block an incident.
These savings could be yours. For more information on how security network consolidation with Palo Alto Networks could reduce your total cost of ownership, reach out to [email protected] to be put in contact with your Account Manager. |