Albert Network Monitoring: Guarding State, Local Governments

 

With cyber attacks on the rise, Albert Network Monitoring stands apart as effective network protection tailor-made for state and local government organizations. Why is network protection so critical for public sector organizations? Quite simply, these institutions house troves of precious personal data of the citizens who depend on their services. Think of the DMV, public hospitals, and public schools. Each of these institutions has experienced attacks by cyber threat actors intent on stealing your personal information and holding it for ransom for large sums of money – often in excess of $1 million. Between 2022 and 2023, ransomware against state and local governments increased by 51%, according to the Multi-State Information Sharing and Analysis Center (MS-ISAC). Effective network defense is critical to preventing such attacks.

Albert: An Intrusion Detection System for Network Defense

What Is an IDS?

Albert is an intrusion detection system (IDS), which is industry-standard technology that monitors network traffic for suspicious activity and sends immediate alerts upon detection. An IDS often comes in the form of a dedicated appliance, computer, server, or other piece of hardware. Albert, like many intrusion detection systems, works by looking for signatures, or pre-defined patterns of activity determined to be malicious. Much like a traffic camera constantly monitors an intersection but only alerts authorities if it detects illegal behavior such as speeding or running a red light, Albert constantly monitors the network but only sends an alert to an organization’s security team if that traffic matches a known malicious pattern. Albert generates alerts as shown in the following graphic.

An IDS Is Industry-Standard Protection

A pie chart showing the Albert Industry-Standard Protection

Intrusion detection systems are used widely across all industries by organizations of all sizes. In a 2022 study, nearly two-thirds of organizations reported having an IDS in place, with more than half (57%) looking to introduce more. Like all cyber defense measures, an IDS can’t catch everything and is not meant to be a single line of defense to stop all cyber attacks. An IDS works best when deployed among multiple layers of defense.

An IDS Is Passive Protection

Intrusion Detection Systems are passive technology and cannot take any action on network traffic. Just as a traffic camera cannot stop speeding cars or send tickets to speeders, Albert cannot take any action on suspicious network traffic it observes. It simply sends the alerts, and the monitored organization must decide on what actions are necessary.

How Albert Works

Albert uses sensors to monitor network traffic and look for signatures. When an Albert sensor detects a known threat signature in the network traffic, it generates an alert that is first sent to the security experts in the 24x7x365 Center for Internet Security (CIS) Security Operations Center (SOC) for analysis. These experts review each alert and escalate the ones that are determined to be credible cyber threats. This notification typically takes less than five minutes, which is far faster than most security services.
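A minimal sketch of the passive signature matching described above, added here as an illustration and not Albert's or CIS's code; the signature fields, IDs, patterns and sample traffic are all constructed assumptions. It also shows the limit this page states for signature detection: signatures match unencrypted content, so the same request behind a stand-in cipher raises no alert.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class Signature:
    sid: int                  # constructed ID, not a real rule number
    name: str
    proto: str                # "tcp" or "udp"
    dst_port: Optional[int]   # None matches any destination port
    content: re.Pattern       # byte pattern searched for in the payload

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dst_port: int
    payload: bytes

# Constructed signatures for illustration only (hypothetical watch list).
SIGNATURES = [
    Signature(1000001, "Watch-listed User-Agent in cleartext HTTP", "tcp", None,
              re.compile(rb"^User-Agent:\s*ExampleBadAgent/", re.I | re.M)),
    Signature(1000002, "Cleartext FTP login as anonymous", "tcp", 21,
              re.compile(rb"^USER anonymous\r?$", re.I | re.M)),
]

def inspect(pkt: Packet, signatures=SIGNATURES) -> List[dict]:
    """Return one alert per matching signature. The packet is only read:
    a passive sensor never drops, delays or rewrites traffic."""
    alerts = []
    for sig in signatures:
        port_ok = sig.dst_port in (None, pkt.dst_port)
        if sig.proto == pkt.proto and port_ok and sig.content.search(pkt.payload):
            alerts.append({"sid": sig.sid, "signature": sig.name,
                           "src": pkt.src, "dst": pkt.dst, "dst_port": pkt.dst_port})
    return alerts

def stand_in_encrypt(data: bytes, key: int = 0x5A) -> bytes:
    """XOR stand-in for ciphertext (not real encryption): the pattern bytes vanish."""
    return bytes(b ^ key for b in data)

# Constructed sample traffic using documentation address ranges.
HTTP = b"GET / HTTP/1.1\r\nHost: portal.example\r\nUser-Agent: ExampleBadAgent/2.0\r\n\r\n"
CLEAR = Packet("203.0.113.7", "192.0.2.10", "tcp", 80, HTTP)
ENCRYPTED = Packet("203.0.113.7", "192.0.2.10", "tcp", 443, stand_in_encrypt(HTTP))

if __name__ == "__main__":
    print(inspect(CLEAR), inspect(ENCRYPTED))
```

The alert dictionaries are what a sensor would hand to analysts for review; deciding whether an alert is credible stays a human step, as the page describes.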

A graphic showing the Albert event process


Albert Is Secure, Effective, and Made for the Public Sector

Albert is a secure, highly effective solution for state and local government organizations. In a 2022 third-party evaluation of Albert by Counter Hack, security testers reported that

"the current incarnation of the Albert sensor is, perhaps, the most secure tool we have ever tested."

Albert is also very effective in detecting virtually all known unencrypted cyber threats that have documented threat signatures.

Albert is custom-made to detect cyber threats targeting state and local governments. CIS maintains the largest database of cyber threat signatures known to target public sector organizations below the federal level. Albert sensors receive more than 25,000 threat signatures each day to serve as the “watch list” of malicious activity they are looking for. No IDS solution has a more specific focus on the threats facing this community. Albert is also significantly more affordable than commercial IDS solutions, which is a benefit to public sector organizations with limited budgets.