
How cyber threat intelligence can strengthen DoD’s cyber posture

Michael Sieber

October 18, 2023

Cyber threat intelligence is a critical advantage in cyberspace. I spent over two decades learning to leverage it for the Department of Defense (DoD).

Bad cyber actors have hit the DoD with more than 12,000 cyber incidents since 2015, according to a recent Government Accountability Office (GAO) report. CrowdStrike threat hunting units also saw a 40% year-over-year increase in observed intrusion volume on defense networks (2023 Threat Hunting Report | CrowdStrike).

Cyber threats and incidents have skyrocketed in the last decade, and it is likely that this trend will continue for the foreseeable future. The DoD must maintain the advantage and adapt to counter these increasingly complex attacks. While bolstering cyber defenses is mandatory, defense agencies must prioritize threat hunting and intelligence to increase visibility into threats, improve decision-making abilities, and identify new counteroffensive measures.

Cyber threats facing DoD

Prior to joining Maximus, I commanded the Army’s only active-duty information operations battalion, served as Chief Information Security Officer (CISO) in the Office of the DoD Deputy Chief Information Officer for Special Programs, and served as the Authorizing Official for accreditation and certification of multiple classified IT networks. Each of these positions gave me an amazing vantage point to witness the dramatic increase in cyber threats firsthand.

Types of cyber threats range from trickery to sophisticated zero-day attacks, but 95% of cyber incidents are caused by human error. Phishing and social engineering attempts rely on tricking end users to gain access.

Unfortunately, I anticipate the increased adoption of artificial intelligence (AI) will boost the number of these attacks and make them much more realistic-looking and therefore difficult to recognize. Successful cyberattacks also take advantage of organizations that don't conduct regular patching and updates, essentially leaving the door wide open for bad actors to take advantage of poor security.

Attackers persistently seek access to DoD and other government networks, but they also focus on “soft” targets they believe provide an easier path to network access, such as companies within the DoD contracting and R&D community, also referred to as the Defense Industrial Base (DIB). Programs such as the DoD’s Cybersecurity Maturity Model Certification (CMMC) harden these targets by ensuring partners meet minimum cybersecurity standards.

DoD responds to cyber threats

Ironically, the increase in cyber threats helped improve DoD’s cybersecurity posture in three key ways:

  • Collaboration: To protect against the increase in threats, defense agencies forged partnerships and developed information-sharing best practices amongst themselves, the DIB, and other federal agencies. The Cybersecurity and Infrastructure Security Agency (CISA) shares threat intel across the government and private sector.
  • Enhanced security measures: The rapidly shifting cyber landscape spawned the creation of advanced data protection models, such as zero trust, and reduced human error rates.
  • Changed defense approach: Every aspect of DoD must plan for cyberspace operations, both offensive and defensive. U.S. Cyber Command now plays a pivotal role in all DoD cyber activities.

The role of threat intelligence

Threat intelligence helps DoD identify potential threats and vulnerabilities before they are exploited, reducing the likelihood of data breaches. The strategic use of threat intelligence helps organizations stay proactive in their cybersecurity approach by: 

  • Providing early warning of cyber incidents.
  • Recognizing areas of a network that are most likely to be targeted so CISOs can put extra security measures in place.
  • Identifying root causes of cyber incidents, whether a network misconfiguration or an exploitation of a zero-day vulnerability.
  • Minimizing human error by automating patching and prioritizing the greatest vulnerabilities.
  • Informing the allocation of resources to combat specific threats.
  • Using data to implement robust access control and user authentication measures.
  • Developing and practicing incident response plans to mitigate breaches before they happen.

Developing countermeasures

Cyber threat intelligence also helps defense agencies establish effective countermeasures against cyberattacks by:

  • Understanding adversary tactics: Knowing how a bad cyber actor operates helps an organization prepare defenses and quickly detect signs of an intrusion, tailoring specific defenses to these threats.
  • Enhancing incident response: Up-to-date information about ongoing cyberattacks allows incident responders to act decisively, preserve evidence, and expel intruders from their network.
  • Increasing collaboration: Sharing information across organizations constitutes the best countermeasure. Threat intelligence allows agencies to learn lessons from others’ experiences.

Cyberattacks will proliferate and continue to become more sophisticated, particularly with the widespread use of AI, but the strategic use of cyber threat intelligence can help DoD understand threats, prevent attacks, and mitigate damage.

To learn more about Maximus’ threat hunting capabilities, visit maximus.com/cybersecurity. For more information on how Maximus integrates cyber solutions across DoD, visit maximus.com/defense.

 

About the author

Michael Sieber, Senior Director, TCS DoD and Cloud

After spending more than 24 years of service in the Department of Defense (DoD), Col. Michael Sieber (U.S. Army, Ret.) now leads Maximus security programs for mission-critical defense IT systems, applications, and data.
