State of Missouri
NX, EX, other series work as one system
Missouri began by acquiring FireEye® Network Security (NX Series) to secure the state’s networks. That was followed by deploying FireEye Email Security (EX Series). Many of the attacks on Missouri’s state networks came in the form of spear-phishing emails that secretly delivered malware. “When EX discovers malicious email, it provides the information to all of the other FireEye technologies
to ensure maximum protection,” Roling explained. The state then began using FireEye File Content Security (FX Series) to scan file-sharing systems, FireEye Malware Analysis (AX Series) for ad hoc malware forensics and FireEye Endpoint Security (HX Series).
More recently, Missouri began deploying FireEye Mobile Threat Prevention (MTP) technology to extend security to mobile devices that state employees are increasingly using, he said. MTP will also help the state manage security as the “Internet of Things” evolves.
“Those two areas are probably the issues that keep me up at night. It’s about how we can ensure that business is conducted securely from a mobile standpoint, and then how we ensure that the Internet of Things is secure,” said Roling.
FireEye security technology now protects
as 50,000 endpoints throughout the state’s network, including 40,000 endpoints over which the state has “direct authority,” Roling explained. There are another 10,000 endpoints that some state agencies and departments have established on their own, but these operate on the larger state network and as such they enjoy the added protection of the FireEye NX Series.
“This is one of the coolest things about this from a geek perspective,” Roling said, adding that the integration of email and network security was a key advantage FireEye offered over another vendor the state was considering.
Being proactive versus reactive
Now that the FireEye deployment is complete, Roling said Missouri’s cyber security profile is decidedly proactive instead of reactive.
With FireEye, his department is seeing new threat information that wasn’t visible before. When an incident comes to their attention, they have the visibility and tools to resolve it. This kind of insight has significantly improved their security.
“Having the FireEye technologies in place has reduced the number of incidents over time and it has also reduced the amount of time that it takes my staff to resolve incidents,” he said. “We quickly saw that when we adopted the HX endpoint solution. The time to resolve incidents shrank from around 110 hours to 5 hours or less, a decrease of more than 95%.”
Not only has the FireEye deployment reduced the time to respond to cyber security incidents, it has also reduced the time an adversary may be on the network before the state discovers and removes it. These technologies have not only mitigated threats to the network but have freed up hundreds of staff hours per month, creating efficiencies within Roling’s cyber security team, in IT and throughout the state government.
State of Missouri
Missouri is a state located in the Midwestern United States with a population of 6 million citizens. Approximately 50,000 state employees in over 100+ locations around Missouri enable hundreds of various services for citizens, businesses, and visitors. The state comprises 114 counties with the largest metro areas being Kansas City and St. Louis.