How to Improve Federal Cybersecurity Efforts

wutzkohphoto/Shutterstock.com

The public sector can, and should, play a larger role in helping ensure massive breaches don’t happen again.

Last year was another banner year for cyber hackers and bad actors. A recent report found that the number of data breaches reached 1,202 in 2017—a 50 percent increase since 2015.

Breaches on both public- and private-sector networks resulted in millions of Americans having their personal and financial data compromised. The private sector was particularly hit hard with the massive Equifax data breach impacting 145.5 million people.

But federal agencies also continue to face major challenges. The Transportation Security Administration and the National Security Agency both experienced serious breaches, even as the federal government has taken steps in recent years to help prevent such successful attacks. These ongoing cyber breaches suggest agencies aren’t doing all they can within the established cybersecurity frameworks and initiatives that abound across government today.

The public sector can, and should, play a larger role in helping ensure massive breaches like those at Homeland Security Department, Office of Personnel Management and even Equifax don’t happen again. It’s time for federal chief information officers and IT professionals to start looking at these initiatives as more than just a guideline, but critical to the success of our nation’s security. Here is how federal agencies can improve their cybersecurity efforts in the coming year.

Better Adhere to the Cybersecurity Executive Order

A major cyber-focused directive promulgated in 2017 was President Donald Trump’s cybersecurity executive order. In it are three key elements that need to be taken seriously in the year ahead.  

The first is accountability. The order holds agency heads accountable for “risk and magnitude of harm.”  So far, security has been a bureaucratic obstacle for most agencies, an empty exercise in administration, with little or no consequence for failure. Holding agency heads accountable makes cybersecurity a top priority, and in theory, creates consequences for those who fall short.

The second element is upgrading the federal cyber workforce. Government agencies have far less flexibility than the private sector when negotiating salaries, but there are some advantages as well. Cybersecurity professionals in the government, particularly in the military and intelligence communities, are on the front lines of protecting our nation, which serves as a motivational factor in the workplace. Also, because cybersecurity (like all technology) changes rapidly, ongoing training and education are essential. Cybersecurity professionals are curious by nature; reward active minds with education.  Additionally, in some environments, cybersecurity folks can legally work in offensive operations, which is a fascinating opportunity not regularly available in the corporate world.

Third is the emphasis of modernization, an effort often assumed to diminish security concerns. However, recent survey results show a surprising, and sometimes controversial, reaction from chief information security officers. Many believe that while modernization is an overall boon, it can actually complicate security concerns. For instance, the move to the cloud is a key element in modernization and in the long run will improve the security posture of most government systems. In the short term, however, CISOs will need to adjust to the reality of new ways of operating that will take time and patience.

Update Priorities Based on Current and Future Technology Trends

Adoption and execution of federal cybersecurity guidelines can move the federal government closer toward a stronger cyber posture. To start, agency CIOs should focus on the basics. They can do this by identifying assets such as systems, networks, data, devices, applications; knowing where data resides, lives, and goes; knowing its sensitivity levels and privacy requirements; standardizing and documenting system configurations; and implementing a stringent patch management program.

On the other end of the spectrum from the basics is staying current. History shows that bad actors are early adopters, and tend to use new technology as soon as possible. If your agency doesn’t move ahead, your adversaries will zoom past you.  Look at machine learning solutions. Stay on top of developments in blockchain. Wrestle with IoT solutions. Be a moving target.

Streamline the IT Acquisition Process

Agency CIOs should look to industry partners to make the most out of their people, processes, and resources. Is your security budget really inadequate, or can you reallocate funds to make it more effective? Typically, too much money goes to bureaucratic assessment efforts. Agencies should look to automate wherever possible.  More importantly, don’t just shelve IT products, system assessments, and metrics reports. Use what you’ve paid for, and act on the results and recommendations from those efforts.

Agencies are going to continue to face attacks from hackers. In all likelihood, 2018 will be just as challenging as 2017. That’s why it’s important to leverage the frameworks in place to face these ongoing and evolving challenges head on, and we can improve the nation’s cybersecurity posture together.

Don Maclean is the chief cybersecurity technologist for DLT Solutions.