Localized pages: French German Japanese
Need more info? CONTACT US
Solutions

Vertical Industries

While SNORT®, the Sourcefire 3D System, and Enterprise Threat Management (ETM) are all designed as horizontal applications, they certainly work effectively in specific industries where network security and policy and regulatory compliance are top IT priorities. Some of these industries include: Financial Services, Government/Public Sector, Healthcare, Higher Education, Power and Energy, and Retail.

Financial Services Industry

Business decisions and information technology environments within financial services institutions today are being heavily influenced by a related set of objectives. Banks, brokerage firms, and insurance companies alike are all intent on enhancing the customer experience, ensuring customer confidence and trust, improving productivity, and protecting private and sensitive information. In an industry where many of the products are quite literally commodities, these goals are key ingredients essential to providing and maintaining a measure of differentiation and customer loyalty.

Some specific reasons why the Sourcefire 3D System and ETM appeals to IT professionals in financial services include:

  • Banking and financial market networks are widely deemed to be “critical infrastructure.” In many instances, the transactions being processed represent not only the life savings of individuals, but the lifeblood of the global economy. As such, the level of criticality and sensitivity of computing functions being conducted on financial networks often exceeds that associated with the networks of typical commercial organizations. From an information security perspective, this should translated into a higher standard of due care.
  • Network security requirements from the Gramm-Leach-Bliley Act (GLBA), Federal Financial Institutions Council, Basel II, and other sources are emerging and will drive compliance enforcement in the financial services community.
  • Many financial institutions continue to operate significant amounts of legacy computing infrastructure, including numerous mainframe-based applications. These systems are often fully inter-connected with more modern systems and continue to perform mission-critical functions. However, many of these older systems are exposed to network-borne threats and these institutions cannot afford to take them out of service for remediation.
  • Financial market firms must deal with sky-rocketing trading volumes and the resulting availability, capacity, and performance requirements of associated networks and systems.

Government/Public Sector

Government and public sector IT systems are very diverse and widespread. Continuity and security of operations are always paramount concerns. Accessibility to services must be guaranteed, but this must be balanced with the fundamental need to maintain the security of sensitive information and the privacy of personal information.

Some specific reasons why the Sourcefire 3D System and ETM appeals to IT professionals in the government and public sector community include:

  • Government entities are directly responsible for many of the systems associated with the nation’s critical infrastructure, and indirectly responsible for many more as a result of being charged with the governance of associated commercial organizations. Furthermore, military and associated intelligence organizations routinely handle highly classified information. So, in many cases, the computing functions being conducted on government networks represent a level of criticality and sensitivity which far exceeds that associated with the networks of typical commercial organizations.
  • However, it is not just those entities involved with critical infrastructure or secret information which are subject to a higher standard. Essentially all government organizations, by virtue of being “of and for the people”—not to mention their source of funding—are, as a result, subject to a greater degree of public accountability and scrutiny than most commercial companies.
  • There is also a regulatory atmosphere in federal, state, and local government that is often difficult to navigate. Sorting through and rationalizing the various layers of legal requirements, oversight activities, and well-intentioned (but often disjointed and overlapping) initiatives can be downright overwhelming. In the United States, conservative estimates put the tally at approximately 20 statutes, six executive orders, and at least 50 other statements of policy that pertain to information systems run by agencies of the federal government or their contractors. The Federal Information Security Management Act of 2002, The President’s Management Agenda, the National Strategy to Secure Cyberspace, and various security and performance scorecards periodically issued by the Government Accountability Office are just a few of the items for which federal agencies must account.

Healthcare Industry

The healthcare industry as a whole is steadily overcoming its relative lack of investment in information technology through the 1990s. One significant implications, however, is that much greater quantities of sensitive information are now being put into electronic form and then being made available in a networked environment. With this comes the responsibility to ensure that such data is properly protected. In other words, providing greater accessibility to information to facilitate enhanced patient care and greater efficiency of healthcare operations must be balanced with the need to maintain the privacy and integrity of sensitive, electronic Patient Healthcare Information (ePHI).

Some specific reasons why the Sourcefire 3D System and ETM appeals to IT professionals in the healthcare industry include:

  • Healthcare is an industry where, in many situations, the timely availability and accuracy of information can literally mean the difference between life and death. As such, the level of criticality and sensitivity of computing functions being conducted on healthcare networks often exceeds that associated with the networks of typical commercial organizations.
  • Consequently, it is not surprising that the industry is subject to regulation of how it operates various computer-based components and how it safeguards the privacy and integrity of patient information. Some of these regulations are the Health Insurance Portability and Accountability Act (HIPAA), Title 21 Code of Federal Regulations (21CFR Part 11), and FDA Section 510(k) of the Food, Drug, and Cosmetic Act. All of these regulations work to implement a comprehensive set of administrative, physical, and technical safeguards to protect networks and systems, and, in turn, the information that is transported and stored.

Higher Education

Traditionally, educational institutions and the broader community of learning and research organizations have been cultures of openness—derived from the fundamental believe that the process of learning is fostered by the ability of individuals to freely pursue and explore their ideas. Needless to say, having to balance virtually wide open access with the necessity to protect the integrity and privacy of grading systems, financial aid records, and other sensitive information is no small feat.

Some specific reasons why the Sourcefire 3D System and ETM appeals to IT professionals in the higher education industry include:

  • Education networks must accommodate a very large and diverse population of unmanaged computing devices. The configuration and security state of these machines is at best “unknown.” Coupled with their migration between multiple networks, this all but ensures that a meaningful number are indeed infected with a wide variety of malware. “Wild” networks such as unsanctioned WLANS and resident networks add further fuel to the fire.
  • Liability is a persistent concern as curiosity and a mix of other, less altruistic motivations inevitably lead to misuse of computer resources which directly or indirectly impact other parties negatively. File swapping of copyrighted material has lead to more than 100 educational institutions being subpoenaed to divulge the identities of file-sharing students. In addition, another liability concern is when open university networks are used as intermediary launching points by hackers for attacks against other organizations.
  • Consistent with the theme of education, there is bound to be a highly diverse portfolio of applications and technology requiring protection. Having seemingly “one of everything” available for the global marketplaces is only the beginning. There will inevitably also be home-made protocols and applications to contend with as well.
  • Remote/distance learning, real-time web collaboration, and other progressive initiatives further drive the need to support access to resources and newer, potentially unproven technologies.

Power and Energy Industries

Power generation and distribution facilities clearly pre-date the information technology revolution. Therefore, it is not surprising that power companies have historically kept their control system networks completely separate from their general computing networks. Convenience and favorable economics are driving integration and homogenization of the power industry’s control system networks and computer networks. Round-the-clock monitoring and corrective actions by remote operators and process engineers, real-time reporting and sophisticated decision-making systems all require rapid access to control system data.

Some specific reasons why the Sourcefire 3D System and ETM appeals to IT professionals in the power and energy industry include:

  • Along with the benefits that it provides, interconnectivity also has significant risk. Most Supervisory Control and Data Acquisition (SCADA) and process control systems were developed at a time when good security amounted to controlling physical access to them and their associated consoles. Few, if any, security measures have been incorporated into these systems. Interconnectivity means increased accessibility—including from over the Internet. The result is a new weakest link—one that ultimately puts not only power facilities in jeopardy, but also entire corporate computing environments.
  • Power generation and distribution facilities are considered critical infrastructure. Among other events, the electrical blackout of August 14, 2003 reminded the United States public of that fact. It also prompted increased scrutiny by the government. A significant outcome is the Energy Policy Act of 2005, which called for the Federal Energy Regulatory Committee (FERC) to create an electric reliability organization that will be responsible for developing standards—including security guidelines for power plants. That organization is called the North American Electric Reliability Corporation (NERC). NERC’s board of directors has already adopted eight Cyber Security Standards, which address asset identification, security management controls, personnel and training, perimeter security, systems security, incident reporting and response planning, and recovery plans.

Retail Industry

The retail industry is embracing information technology in a wholesale manner as a way to get better information faster. With the emergence of e-commerce, retailing has become more competitive than ever with the singular objective being to provide customers with goods and services that keep them coming back for more. The operation of retailing has become a science and information technology plays a large role in it. Batch processing is being replaced by real-time information exchange enabled by a range of network-based applications. Of course, the increased usage and dependency upon information and the need to gather, analyze, redistribute, store, and manage it from end-to-end includes a responsibility to protect it. Clearly, customer-specific data must be kept confidential. However, it is also essential to ensure the integrity and availability of all of the related data, as well as the networks and systems used to process it—particularly as these increasingly become the lifeblood upon which retailers depend.

Some specific reasons why the Sourcefire 3D System and ETM appeals to IT professionals in the retail industry include:

  • Batch and real-time exchanges of transaction details with credit card companies and other financial institutions create a linkage to an environment that is much more tightly controlled, and even regulated. One significant implication is that virtually all merchants who process credit card transactions are subject, at least in part, to the Payment Card Industry (PCI) Data Security Standard. Emphasis in this standard is placed on establishing robust access controls and subsequently being able to monitor and audit for undesirable activities, in particular, by using both host and network intrusion detection and prevention systems.
  • With very few exceptions, it is an absolute necessity that retailers complement their physical stores with an online shopping option. This, of course, means having to deal with the wide range of threats (fraud, worms, viruses, malicious hacking) that an Internet-based store front brings with it.
  • Increasingly, both achieving operational excellence and ensuring a positive shopping experience are becoming dependent on supporting a plethora of network-based applications (e.g., traffic counting systems, customer loyalty programs, warehouse management systems, transportation management systems, self-service kiosks, in-store employee training). This translates into the need to better ensure the availability, capacity, and performance of associated networks and systems.