The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel The pixel
How State & Local Governments can minimize threats with identity and access management.

How State and Local Governments Can Minimize Threats with Identity and Access Management

State and local government agencies across the nation have ramped up their digital transformation efforts in order to make a multitude of services and programs more accessible to their constituents. However, that increased online presence has also made them enticing targets for cybercriminals.

Cyberattacks on state, local, tribal and territorial governments have increased by 50 percent since 2017, according to a new study by the network security firm BlueVoyant. However, the study notes that figure is “almost certainly” low because agencies often work quietly with private security companies to keep news of attacks out of the public eye.

Furthermore, the study only covered the period between 2017 and December 2019, so it doesn’t include countless pandemic-driven attacks designed to exploit unprecedented numbers of remote government employees. For example, New York City officials report that they are now attempting to secure roughly 750,000 endpoints, compared to just 80,000 before the COVID-19 pandemic.
Many — perhaps most — remote government workers are conducting at least some business on their own smartphones, laptops and PCs. These unsecured endpoints can provide cybercriminals easy entrée into government networks and access to high-value data about elected officials, employees, taxpayers, contractors and more.

Who’s There?

One of the best ways to minimize threats to endpoint devices is with the Cisco Identity Services Engine (ISE), a next-generation identity and access control platform that makes devices prove they’re secure before they are allowed to connect to the network. It enables automatic enforcement of a range of network access policies based on user, device, location, role, application and other attributes.

Device profiling is a key feature of ISE. Using active probes and device sensors, ISE “listens” to the way devices connect to the network. It then compares that information against an extensive profile database to produce a granular description of devices that are attempting to access the network.

Other valuable ISE features include:

Threat containment. ISE analyzes telemetry data to develop real-time threat scores for every endpoint as it connects to the network. If a threat score rises based on unusual behavior, ISE can limit access or automatically remove the suspicious endpoint.

Network segmentation. With group-based policies, ISE limits authenticated users to specific segments of the network, specific applications and specific services. In the event of an attack, this feature significantly reduces damages by limiting an exploit’s lateral movement through the network.

Device compliance. ISE determines whether users are accessing the network on an authorized, policy-compliant device. It checks the device’s operating system version, system settings, endpoint protection software and other characteristics against defined policy. If the device is not compliant, ISE prompts the user to update the device for network access.

Secure guest access. Built-in Authentication, Authorization and Accounting protocols enable secure network access for guests such as visitors, contractors, consultants and customers. Administrators can create and edit guest and sponsor portals, configure guest access privileges by defining their guest type, and assign sponsor privileges for creating and managing guest accounts.

State and local government agencies are inviting targets for a variety of reasons. Not only are they sources of high-value data, but they often lack adequate security measures and support. Pandemic-triggered remote work requirements have created additional avenues for attack. Cisco ISE can minimize the risk of attack with improved levels of visibility, control and automation.

Recent Posts

PuTTY SSH Client Flaw

CVE-2024-31497 is a vulnerability in PuTTY versions 0.68 through 0.80. PuTTY is a popular open-source terminal emulator, serial console, and network file transfer application that

Read More »


“Darcula” represents a new breed of Phishing-as-a-Service (PaaS) posing a serious threat to both Apple and Android users. This sophisticated attack leverages encrypted text messages

Read More »
For Emergency Support call: (877) 423-7486
For other support requests or to access your Cerium 1463° portal click here
Stay in the Know

Stay in the Know

Don't miss out on critical security advisories, industry news, and technology insights from our experts. Sign up today!

You have Successfully Subscribed!