Five Fundamental Strategies for Cybersecurity
Agencies should focus on the basics to protect against attacks.
The government’s effort to balance cybersecurity with continued innovation was underscored last year with the publication of the Commission on Enhancing National Cybersecurity’s Report on Securing and Growing the Digital Economy. The report included key recommendations for cybersecurity enhancements, while also serving as a sobering reminder that “many organizations and individuals still fail to do the basics” when it comes to security.
But in today’s environment, agencies must focus on some basic but highly effective fundamentals to protect against potential attackers. Some of these involve simple and basic security hygiene—the cyber equivalent of brushing your teeth. Others require more of an investment, both in terms of capital and human resources, and long-range thinking. Regardless, all of them will help emphasize the main goal that the commission is trying to help agencies achieve: “securing the digital economy in the near term and into the future.”
Let’s take a look at five fundamental strategies that can help agencies build an advanced and solid security posture.
Embrace network modernization
The report states: “The President and Congress should promote technology adoption and accelerate the pace at which technology is refreshed within the federal sector … the government needs to modernize and ensure that this modernization can be sustained at a faster pace.”
Legacy technology is not equipped to adequately prevent attacks that are now becoming alarmingly commonplace. Most likely, these systems operate off of outdated software that is either no longer supported or does not possess the security functionality needed to respond to today’s threats. These systems harbor easily targeted vulnerabilities.
Modern network technologies are better equipped to handle cyber attacks, are often easier to manage and are more efficient. Most can work in any environment and adapt to changing threat conditions. They can also automatically detect and respond to potential attacks without the need for human intervention, mitigating the threats before damage occurs.
Modernization often leads to standardization, which means fewer device types and configurations to manage. This reduces vulnerability, because configurations can be refined, deployed and maintained more easily.
Implement continuous monitoring
The commission states that “a security team has to protect thousands of devices while a malicious actor needs to gain access to only one.” This makes automated continuous monitoring extremely important.
A proper continuous monitoring solution contains a variety of components working together to strengthen an agency’s defenses against many attack methods. Those solutions could include log and event management tools that track login failures and make it easier to spot potential security incidents; device tracking solutions that can detect unauthorized network devices; or network configuration management solutions that can improve network compliance and device security. All of these can be done without human intervention, and most can be easily updated, keeping with the commission’s recommendation that government should make every attempt to keep pace with technology changes as they occur.
Remember to patch
Keeping software up-to-date with the latest patches and updates is an important threat deterrent, yet it can also easily slip through the cracks. It can be difficult for time-constrained IT managers to keep up with the latest software updates, and almost impossible to do so manually, given the amount of software that powers federal networks.
Automated patch management tools can analyze various software programs and scan for known vulnerabilities and available updates. These updates can be automatically applied as they become available, keeping software up-to-date and well-fortified against the latest threats.
Implement strong encryption
In the words of Edward Snowden, “Properly implemented strong encryption systems are one of the few things that you can rely on.” However, ensuring the security of data at-rest and in-flight is not necessarily an easy task, considering the hybrid cloud and IT environments that many agencies have adopted.
Still, strong encryption protocols must remain in place regardless of where the data resides, and data that travels from a hosted site must receive the same level of encryption—or, perhaps an even greater level of encryption—than data that exists on-premises. The slightest vulnerability in an unencrypted network can be a window to cyber attackers, while solid, end-to-end encryption remains extremely difficult to penetrate, regardless of where the data exists.
Adopt the Cybersecurity Framework
While many agencies have adopted National Institute for Standards and Technology’s Cybersecurity Framework, there’s room for more to get on board. The commission’s report calls on the new administration to work to sustain and increase use of the framework, which has proven to be effective for the organizations currently using it. There are signs that the government understands this and is working to ensure the framework’s continued growth. In March, the House Committee on Science, Space, and Technology passed a bill designed to encourage adoption of the framework.
This shows how serious the government is about balancing proactive cybersecurity with innovative technology. Agencies can support this effort by combining a few basic strategies with some long-term investments that will ultimately pay big security dividends.
Joe Kim is executive vice president, engineering and global chief technology officer for SolarWinds.