Nationwide, many government agencies are realizing that traditional approaches to cybersecurity are no longer enough to protect against increasingly sophisticated adversaries and navigate a complex threat landscape. For example, cybersecurity strategies have historically focused on the perimeter, ignoring the risk of internal threats and failing to account for mobile devices or teleworking employees. In an era of tightening budgets and rising citizen expectations, government must adapt to these modern realities. Cyber intelligence uses behavior analytics, network visibility, and operational and threat intelligence to make agencies smarter about today鈥檚 threats. If your agency is in need of a forward-looking cybersecurity approach, get up to date with 鈥Raising Agencies鈥 Cyber Intelligence,鈥 a guide created by GovLoop and 探花视频 featuring insights from the following technology and government cyber intelligence thought leaders.
Storytelling with Intelligence-Led Security
鈥淭oo often, agency leaders and cybersecurity analysts seem like they鈥檙e speaking separate languages. With both sides communicating about cyberthreats differently, getting everyone on the same page is one of contemporary government鈥檚 greatest challenges. The wider the gulf between an agency鈥檚 teams, the more vulnerable it is to external danger. Today鈥檚 security landscape contains dangers everywhere, and cyberthreats won鈥檛 wait for agency workforces to unite against them. Agencies that don鈥檛 speak the same language as their employees and employees that don鈥檛 speak the same language as their agency leaders will find themselves constantly fighting cybersecurity fires.鈥
Read more insights from Recorded Future鈥檚 Threat Intelligence Analyst, Allan Liska.
Leveraging Zero Trust Against Cyberattacks
鈥淎gencies aren鈥檛 looking just at the 鈥渘orth-south鈥 of traffic moving inside their network perimeters for threats. Lateral cyberattacks occur when perpetrators breach agencies鈥 defenses and then move freely 鈥渟ideways鈥 or 鈥渆ast-west鈥 on their networks. The modus-operandi of cybercriminals today is to seek a weakly defended element, and then access sensitive data by moving laterally to avoid stronger safeguards. This protection against lateral movement is what zero trust cybersecurity is all about. By automatically distrusting everything on and off their networks, agencies can enhance their IT security.鈥
Read more insights from Trend Micro鈥檚 Vice President of Cybersecurity, Greg Young.
Threat Intelligence: The Context Agencies Crave
鈥淏asic cybersecurity knowledge 鈥 such as which attacks are most common 鈥 won鈥檛 always keep agencies鈥 data safe. For scores of agencies, today鈥檚 threat landscape can change too fast for their workforces. Fortunately, threat intelligence can prepare agencies for cutting-edge dangers. Threat intelligence adds the context agencies need by focusing on the latest threats in realtime. [鈥 The worst cyber attacks are the ones agencies never see coming. But with quality threat intelligence, agencies can stay alert to where cyberthreats might strike next.鈥
Read more insights from Fire Eye鈥檚 Principal Analyst, Luke McNamara.
Pairing Man and Machine on Zero Trust
鈥淪ince the COVID-19 pandemic began, the number of endpoints to defend has exploded as government employees started working remotely. These endpoints include devices such as laptops, smartphones and tablets, and they are leaving agencies more vulnerable than before. Going forward, the more endpoints agencies have, the more targets they will present to cyberthreats. [鈥 Zero trust cybersecurity addresses de-perimeterization, or the gradual erosion of network boundaries. With zero trust, users must be capable of securely accessing data from anywhere no matter where it resides.鈥
Read more insights from Blackberry Limited鈥檚 Vice President of Global Sales Engineering, Rich Thompson.
Prioritizing Cyber Intelligence at the Defense Logistics Agency
鈥淥ne of the things I would tell you is more of a concern than it has been in the past is the large number of endpoints that are seated on our networks today, especially with mass telework becoming the norm over the last few months. Identifying and confirming anomalies and positive, adverse actions has become more difficult. It has amped up our attention on automation, machine learning and robotic process automation and bringing that into the fold to a greater degree across the cybersecurity spectrum. It is almost a must now because of the massive amounts of data to sift through to get to what you鈥檙e seeking.鈥
Read more insights from DLA鈥檚 CIO, George Duchak, and Director of Cybersecurity, Linus Baker.
Minnesota Chief Information Security Officer Explains Zero Trust Cybersecurity
鈥淯nlike other types of attacks where weapons require certain tactical research, there is a low effort in the cyberthreat domain. The global threat landscape will continue to have new entrants as actors build strengths and develop talent. There鈥檚 this model of a cyber kill chain. It talks about how attackers move from discovery all the way to mission completion, whatever the mission might be. If we build layers of defenses that look at that cyber kill chain, can we identify the mission actions through that cycle before the mission completes?鈥
Read more insights from Minnesota Chief Information Security Officer (CISO) and Minnesota IT Services鈥 (MNIT) Assistant Commissioner, Rohit Tandon.
Understanding DoD鈥檚 Cyber Hotline
鈥淧icture the Vulnerability Disclosure Program (VDP) as the hotline for reporting DoD鈥檚 cybersecurity shortcomings. Nestled in DoD鈥檚 Cyber Crime Center (DC3), the program makes the philosophy of 鈥渟ee something, say something鈥 digital. At any time, ethical hackers can alert DoD to issues ranging from insecure networks to noncompliance with cybersecurity standards such as FISMA.鈥
Read more insights from DoD鈥檚 Director of the Vulnerability Disclosure Program, Kris Johnson.
Download the full GovLoop Guide for more insights from these cyber intelligence thought leaders and additional government interviews, historical perspectives and industry research on zero trust, the government threat landscape and the latest developments from government programs like CDM.
