The State of Oklahoma recently announced it would be deploying a statewide threat intelligence platform to share cyber threat intelligence across agencies, municipalities, and police departments. The goal is to improve its ability to detect pandemic-related cyber attacks, unemployment fraud, and attempts to compromise remote workers. This is a great strategic move by the State of Oklahoma and illustrates the critical need for state and local government organizations to use and share threat intelligence to protect themselves.
Three Important Takeaways from the Steps Oklahoma is Taking
Here are three important takeaways from the steps Oklahoma is taking:
- State & Local Government Organizations Are Under Increasing Pressure from Cyber Attacks. State and local government organizations have long been attractive targets for hackers due to the wealth of valuable information they have. Not surprisingly, with the pandemic, the State of Oklahoma has experienced a significant increase in attacks as threat actors look to take advantage of the situation, including a significantly expanded attack surface as a result of more remote workers. Unfortunately, this is not isolated to Oklahoma and is a trend we here at Threater are seeing across our large number of state and local government customers.
- Using, Sharing, and Taking Action with Threat Intelligence is Critical. The good news is that like Oklahoma, we are seeing more state and local government organizations use and share threat intelligence in order to improve their ability to prevent, detect, and respond to cyber threats. These organizations are incorporating a combination of threat intelligence from commercial providers that specialize in threat intel, open source threat feeds, industry and government threat intelligence like MS-ISAC.
- More State’s Should Replicate What Oklahoma is Doing. Oklahoma is effectively applying an ISAC/ISAO model at the state level. In this case, the State of Oklahoma is the ISAC and is using a threat intelligence platform (from our partner Anomali) to aggregate and analyze threat intelligence data and to facilitate threat intel sharing amongst its members. Anomali also provides an easy and low cost mechanism that Oklahoma can use to give other state and local government organizations the ability to consume and share threat intelligence from the platform. What the State of Oklahoma is doing here is really cool. However, more importantly, it’s taking state government threat intelligence to the next level, and will be a great step forward in improving the state’s cyber defense. This is a model that other state’s should look to replicate.
The words pioneer and Oklahoma have gone together for a long time. In this case, it’s great to see the State of Oklahoma pioneering a huge leap forward in enabling the use and sharing of threat intelligence across the state.
At Threater, we have a large number of state and local government customers using our Threat Intelligence Firewall platform to block known bad traffic based on large volumes of threat intelligence. Our platform can support over 150M threat indicators and block unwanted inbound and outbound traffic at line speed. We also make it easy to automatically integrate threat intelligence from any source, including Threat Intelligence Platforms like Anomali.
For more information on the Threater Threat Intelligence firewall platform visit our network security solutions page.
For more information on how are helping State and Local Government organizations strengthen network security, reduce staff workload, and improve the efficiency and effectiveness of their firewalls check out our blog: Bold Change Required: Thwarting Cybersecurity Attacks on State and Local Government Organizations