The prevention, detection, assessment, and remediation of cyber incidents are top priorities for the United States and essential to national security. This IDC Technology Spotlight looks at how extended detection and response solutions can help.
At-a-glance – what’s important
Extended detection and response (XDR) enhances managed detection and response (MDR) by bringing in telemetry sources such as messaging, firewall logs, network, and identity and access management correlation; integration with data protection platforms; and smart integrations with web and email service providers, threat intelligence, and intrusion detection systems/intrusion prevention systems. XDR provides a 360-degree, 24/7 view of the security environment and enables agencies to detect, defeat, and recover from attacks faster.
Considering Accenture XDR for Government
Accenture Federal Services is a wholly owned subsidiary of Accenture, focused on the unique requirements of the U.S. federal government. The company provides Accenture XDR for Government as a FedRAMP Moderate authorized managed service. Accenture XDR for Government can be purchased and deployed in a plug-and-play manner as a vendor-agnostic solution. It is architected today to operate at a FedRAMP High level.
XDR case study: National Gallery of Art
One of the biggest security challenges that the National Gallery of Art in Washington, D.C., faced prior to deploying an XDR solution was having the expertise and resources needed for 24 x 7 audit log monitoring on its network, according to CISO Nabil Ghadiali. The CIO staff of this small agency appreciates the advantages of SOC as a service, which provides speed of detection and speed of remediation, as well as having the SOC analysts review alerts and make sure they are not false positives. Another benefit is the agency doesn't have to purchase and install a SIEM tool, onboard staff who understand how to operate the tool, and make sure the software is up to date and secure. Members of senior management value the XDR solution because deploying their own audit and logging service was cost prohibitive and having the SOC resources and intelligence at their disposal was, as Ghadiali said, "phenomenal." He continued, "One of the greatest things about XDR is that it is organically growing into something that is bigger than any one of us could have stood up independently, and we are seeing this value again and again."
"XDR enables improved risk management decisions through reduced time to identify, protect against, detect, respond to, and recover from cybersecurity attacks."
— Adelaide O'Brien, IDC Research Director – Government Digital Transformation Strategies
White House Executive Order 14028 makes the prevention, detection, assessment, and remediation of cyber incidents the top priorities for federal agencies and essential to national security. As a result, there is increasing recognition that detection and response at speed is critical to dramatically reduce the potential damage inflicted by cybercriminals. XDR enables improved risk management decisions through reduced time to identify, protect against, detect, respond to, and recover from cybersecurity attacks.
As a managed security services provider, Accenture has the ability to utilize proven cutting-edge security tools as the technology backbone for its managed XDR solution is compelling. The federal government's security requirements will continue to grow exponentially. IDC believes that to the extent that Accenture can address the challenges described in this paper, as well as continue to invest in the next generation of cybersecurity technologies, the company has a significant opportunity for success in helping government agencies improve their protection of national and economic security.