New London Protects Data with Next Gen Firewall”
The City of New London Information Technology division was created to improve the information technology throughout the City, leverage emerging technologies, reduce cost, and improve services to citizens and employees. Assuring the safety and integrity of City data and information systems through security and access management is a priority. Rick Genovese, the New London Director of Technology, was concerned about the growing number of phishing attempts on employee email accounts and the risk of unknown Malware and attacks on city operations.
The Security Lifecycle Review
A Security Lifecycle Review of the city network identified numerous attempts by internal devices to connect outside the network also known as command and control (CnC). Understanding and preventing this type of activity is critical as attackers often use CnC to deliver malware, provide instruction or exfiltrate data. The report also identified the high-risk applications which may introduce compliance, operational or cyber security risks.
In January of 2020, the city installed a Palo Alto Networks Next-Generation Firewall followed by the Palo Alto Cortex XDR End Point Protection later in the year. Mr. Genovese shared that local funding is not necessarily abundant for cybersecurity projects but he had the full support of the mayor and the finance council. “Palo Alto Networks addresses the gaps in the attack surface by integrating the firewall and endpoint security in a way that provides unmatched, comprehensive protection and unhindered visibility”, according to Mr. Genovese. The “attack surface” refers to the digital and physical vulnerabilities in the user’s hardware and software environment.
Flatten the Learning Curve
The DBO operations team has assisted the city IT department in improving network security and restricting outside traffic from foreign countries, especially China. “Our internal team faced a challenge while learning these next generation security tools but the DBO techs have helped us flatten the learning curve and shrink the attack surface,” said Mr. Genovese. DBO provides first level escalation and trouble reporting as well as operating system updates. The DBO team and Palo Alto have greater visibility into global cyber activity and they quickly respond to unusual network activity which precedes and forewarns of malware attacks. Palo Alto Networks and DBO offer periodic best practice assessments to ensure compliance with industry and emerging policy enforcement regulations.
As a Palo Alto Networks partner, Digital BackOffice provides the Security Lifecycle Review (SLR) at no charge. The SLR integrates findings based on data collected by an onsite device during a specified time period that includes, applications, SaaS-based applications, URL traffic, content types, and known and unknown threats traversing the network.