Here's an interesting article from my colleague Joe Kim, in which he offers suggestions to reduce vulnerabilities.
Agencies should focus on the basics to protect against attacks
The government’s effort to balance cybersecurity with continued innovation was underscored in late 2016 with the publication of the Commission on Enhancing National Cybersecurity’s Report on Securing and Growing the Digital Economy. The report included key recommendations for cybersecurity enhancements, while also serving as a sobering reminder that “many organizations and individuals still fail to do the basics” when it comes to security.
But in today’s environment, agencies must focus on some basic but highly effective fundamentals to protect against potential attackers. Some of these involve simple and basic security hygiene and others require more of an investment, both in terms of capital and human resources, and long-range thinking.
Let’s take a look at five fundamental strategies that can help agencies build an advanced and solid security posture.
Embrace network modernization
The report says, “The President and Congress should promote technology adoption and accelerate the pace at which technology is refreshed within the federal sector … the government needs to modernize and ensure that this modernization can be sustained at a faster pace.”
Modern network technologies are better equipped to handle cyberattacks, are often easier to manage, and are more efficient. Most can work in any environment and adapt to changing threat conditions. They can also automatically detect and respond to potential attacks without the need for human intervention, mitigating the threats before damage occurs.
Modernization often leads to standardization, which means fewer device types and configurations to manage. This reduces vulnerability, because configurations can be refined, deployed, and maintained more easily.
Implement continuous monitoring
The commission states that “a security team has to protect thousands of devices while a malicious actor needs to gain access to only one.” This makes automated continuous monitoring extremely important.
A proper continuous monitoring solution contains a variety of components working together to strengthen an agency’s defenses against many attack methods. Those solutions could include log and event management tools that track login failures and make it easier to spot potential security incidents; device tracking solutions that can detect unauthorized network devices; or network configuration management solutions that can improve network compliance and device security. All of these can be done without human intervention, and most can be easily updated.
Remember to patch
Keeping software current with the latest patches and updates is an important threat deterrent, and almost impossible to do manually, given the amount of software that powers federal networks.
Automated patch management tools can analyze various software programs and scan for known vulnerabilities and available updates. These updates can be automatically applied as they become available, keeping software up-to-date and well-fortified against the latest threats.
Implement strong encryption
In the words of Edward Snowden, “Properly implemented strong encryption systems are one of the few things that you can rely on.” However, ensuring the security of data at rest and in flight is not necessarily an easy task, considering the hybrid cloud and IT environments that many agencies have adopted.
Still, strong encryption protocols must remain in place regardless of where the data resides, and data that travels from a hosted site must receive the same level of encryption—or, perhaps an even greater level of encryption—than data that exists on-premises. The slightest vulnerability in an unencrypted network can be a window to cyber attackers, while solid, end-to-end encryption remains extremely difficult to penetrate, regardless of where the data exists.
Adopt the Cybersecurity Framework
While many agencies have adopted the NIST Cybersecurity Framework, there’s room for more to get on board. There are signs that the government plans to increase use and is working to ensure the framework’s continued growth. In March, the House Committee on Science, Space, and Technology passed a bill designed to encourage adoption of the framework.
This shows how serious the government is about balancing proactive cybersecurity with innovative technology. Agencies can support this effort by combining a few basic strategies with some long-term investments that will ultimately pay big security dividends.
Find the full article on SIGNAL.