The US Government announced a plan to “modernize Federal cybersecurity” last week. With the breach of the Office of Personnel Management top of mind, a team of over 100 experts from both government and private industry reviewed the current Federal cybersecurity policies and procedures. The resulting Cybersecurity Strategy Implementation Plan (CSIP) focuses on 5 key areas to improve cybersecurity. Here are the 5 areas and our thoughts on each:
- Prioritized identification and protection of high-value assets and information. You can’t protect it if you don’t know what and where it is.
- Timely detection of and rapid response to cyber incidents. How many times do you hear about a breach that has been in progress for over a year – including the government’s own OPM breach? Detection is critical and must go beyond known signatures that standard security devices like firewalls can recognize, because the attacks are becoming more sophisticated every day, and the solution must be continually evolving as well.
- Rapid Recovery from incidents when they occur, and accelerated adoption of lessons learned from the assessment. This ties in with “rapid response” in point #2. Even if you have monitoring in place and can detect an incident, do you have a plan to respond to it? Do you have the right expertise and experience in house to implement a cyber incident response plan? Can you perform sufficient forensics to learn from the incident and prevent a similar one?
- Recruitment and retention of the most highly-qualified cybersecurity workforce talent the Federal government can bring to bear. This expertise is in high demand and is not easy to find or retain. The Federal government has more resources available to do this than the typical for-profit business or nonprofit organization. Outsourcing ahead of time can provide the resources needed in time of crisis.
- Efficient and effective acquisition and deployment of existing and emerging technologies. There are new solutions coming out every day to help fight the battle against cyber crime. They are not “one size fits all”. First, understand what you need to protect, where you are most vulnerable, and then the options for how to address the gaps become more apparent.
Tony Scott, U.S. Chief Information Officer, has his work cut out for him. He realized that incorporating outside resources would offer a more well-rounded and objective view of the current situation and the possible solutions. Have you considered how to best incorporate outside resources to “modernize YOUR cybersecurity”?