This interview is an excerpt from GovLoop’s recent Guide to Government’s Critical Cyberthreats. This research guide explains the various cyberattacks government endures and provides steps to safeguard your information systems.
Phishing attacks, advanced malware, and ransomware are just a few of the types of cyberattacks that government deals with in today’s current cyberthreat landscape. In an attempt to counter such attacks, many agencies focus on tool-based strategies as cyberthreats come.
But the problem with such approaches is that agencies are usually ill equipped to apply such tools and usually address the problem when it’s too late. That’s why there’s a need for more proactive results-based strategies. In an interview with GovLoop, Ned Miller, Chief Technology Strategist for Public Sector at Intel, shared how agencies can harness better outcome-based strategies to navigate in the current, complicated cyberthreat landscape.
Overcoming Cyber Challenges
Intel works to help government agencies achieve their desired state. “The desired outcome for our customers is helping them build a resilient digital enterprise that can withstand sophisticated attack campaigns,” he said.
To achieve this desired state, Intel focuses on helping government agencies address four basic criteria:
• Neutralize emerging threats. Shift agency tactics from a firefighting mentality of addressing the attacks as they come to a strategic lifecycle defense. This prepares an agency to automatically address emerging threats before they become a real issue.
• Safeguard vital data. Establish control between end users and advanced capabilities, such as those of the cloud. Safeguarding data means having the ability to control the data and protect it regardless of where your data lives or how it moves between platforms.
• Fortify critical environments. Gain comprehensive visibility and create consistent policies across your organization. Be agile in leveraging your resources without sacrificing security when fortifying various environments like datacenters and multiple cloud platforms.
• Optimize Security Operations. Harness dynamic control and automation to improve security operations and standards. Develop automated mechanisms to provide more visibility throughout the organization in addition to control, and take advantage of intelligence information in real time to be more proactive.
Outcomes-Based Strategies for Cybersecurity
In addition to adopting these four criteria to achieve your agency’s desired state, it’s important to look at more holistic and proactive strategies against cyberthreats. As new threats emerge, it’s tempting for organizations to acquire more cyber tools, which are often purchased and updated when it’s too late to prevent an attack. Additionally, many government infrastructures simply don’t support the new tools and organizations, then feel forced to change their current infrastructures to accommodate them.
“This leads to several challenges,” Miller said. “One is that we put more stress on security practitioners in the organization because there’s a learning curve to the new tools. Additionally, we’re not hiring more people to run those tools, and it causes a lot of cyber personnel to feel overburdened.”
Instead, Miller suggests better configuration-based compliance checking and being more proactive in security postures. This requires more outcomes-based strategies. Using automation, a message fabric that allows communication in real time, and sharing threat intelligence data allows organizations to react earlier to threat conditions.
Miller suggested a three-pronged ap- proach to implement as a comprehensive outcomes-based strategy:
1. Dynamic control and automation: Due to the lack of skilled resources and cybersecurity practitioners, government is not producing enough labor and talent to catch up with cybersecurity needs. That’s why it’s important for organizations to incorporate more automated mechanisms to provide better control and visibility.
2. Contextual risk cognition: There is greater need to look at the context of cyberrisks in order to perform better behavioral and advanced analysis. Leverage data gleaned from advanced analytics to make better decisions that address your particular cyberthreat landscape.
3. Pervasive points of presence: Citizens and government employees alike want the ability to work from anywhere, anytime. With the increased demand for connectivity comes increased need for security and better information storage. Pervasive points of presence means enabling mobile technology devices that transmit and share data across the Internet to provide connectivity while ensuring security.
While the cyberthreat landscape has grown larger and more complicated, government should not have to rely on new tools alone to combat new cyberthreats. Instead, leveraging outcomes-based strategies with a focus on automation, risk cognition, and securing mobile data is key to any agency’s cybersecurity protocol.
By focusing on results rather than just on new tools, government can better build their cyber workforce and work towards achieving a desired state of resilient digital enterprise.