By Joe Kim, SolarWinds Chief Technology Officer
We are in the process of wrapping up our next federal cybersecurity survey and we are eager to see the results. I fully expect foreign government threats to be near the top of the list, and I thought this would be a good time to remind folks of some security fundamentals, presented by my colleague Mav Turner, SolarWinds Senior Director, Product Management.
When we think of cyberattacks, we generally picture a lone wolf hacker or Anonymous-type organization. But foreign governments are also formidable threats. Scan recent headlines and you’ll see articles explaining that cyber hacks on Sony Pictures Entertainment and the Democratic National Committee—among many others—have been attributed to North Korea and Russia.
Last year’s SolarWinds federal cybersecurity study revealed foreign governments pose some of the most serious risks for cyberattacks. Results indicate an uptick in reported government-backed threats over the past few years, with reports increasing from 34 percent in 2014 to 48 percent last year.
As publicity surrounding breaches grows, the public's demand to attribute breaches to a specific government or nation-state and the expectation of an explanation grows as well. This "pressure cooker" climate complicates and sometimes politicizes decision-making for agencies.
While there is no magic bullet, concentrating on three fundamentals—process, people, and tools—can create a good foundation for a well-designed security posture. Here’s how agencies can make them work together.
Develop a Sound Security Process
Agencies must develop proactive, well-formulated plans that outline exact steps that must be taken in case of an intrusion, taking into account which employees have access to what information, and the solutions the agency will employ to monitor networks. A step-by-step management approach will help ensure that no data is left unguarded.
Invest in People and Education
All personnel—not just IT—should be informed about the varying types of existing threats. They should also know that their organizations could be targeted at any time. IT personnel who react to frontline security breaches must have an especially deep understanding of the tools used to manage and thwart threats.
The need to invest in people is underscored by the release of the federal cybersecurity work force strategy, an action plan from the White House’s Office of Management and Budget to find, develop, and expand the nation's cybersecurity talent in the public and private sectors.
Deploy the Proper Tools
Patch management and network automation software add layers of security, and use standardized device configuration and deployment automation to reduce configuration errors. The best-in-class network security tools also use change monitoring, alerts, configuration backups, and rollbacks to improve network reliability.
Just as foreign governments use teams of people to attack, domestic agencies find strength in their numbers. Social media, networking groups, and threat feeds provide great tools for sharing information about the latest threats, and educating peers on ways to fortify networks. IT personnel should use them to stay ahead of potential attackers.
Organizations should band together. The most strategic defense against cyber breaches will come when federal, state, and local agencies—including law enforcement and other security personnel—across the United States share resources and work together to fight foreign intrusion into U.S. cyberspace.
Find the full article on Signal.