The Cyber Security Executive Order: How to Make White House Goals a Reality
The White House recently signed the long-awaited cyber security executive order (EO), emphasizing the importance the administration is putting on managing cyber risk across government. This EO is a step in the right direction as it places a level of accountability on federal agencies to protect critical data through IT modernization, better cyber hygiene and more.
The administration put agencies in charge of their own security and has used the National Institute of Standards and Technology (NIST) Cyber Security Framework as a guide for mitigating risk. This gives CIOs and CISOs a high level of responsibility, but also provides them with a path to implement standards, guidelines and best practices.
A trickle-down movement dictates almost all federal action. Now that the White House is robustly supporting better cyber security for government, it is more likely that agencies will heed recommendations that they hadn’t before. The cyber security EO covers a lot of ground, but below I’ll touch on a few focus areas and offer next steps in addressing cyber security issues.
Protecting federal networks through enhanced risk management
As cyber risks rapidly evolve, agencies must regroup and focus on protecting data from the perimeter through the network, and at the endpoint. Network visibility is key to this effort. In many cases this is just a matter of enabling features that are already in place and feeding the valuable raw information into network visibility tools focused on cyber security. This allows agencies to recognize suspicious behaviors and prevent the same issue or breach from occurring more than once. Agencies can also garner a great deal of insight that can be leveraged in future cyber action.
Visibility is an important first step to taking a better security stance in the federal government, but the information it provides must also be displayed in a meaningful way for maximum usefulness. With technology advancements including faster rendering and enhanced user experience, agencies can easily pivot from a high-level view down to a granular take on issues, allowing for a dramatic reduction in analysis time.
Protecting critical infrastructure through IT modernization
NIST’s Cyber Security Framework offers a seasoned foundation on which agencies can base their security stance. As agencies put the recently updated framework in place, more concrete steps must also be taken. Legacy IT is a major risk to federal cyber security, but while modernization is necessary to protect mission-critical data, it is also very costly.
With efforts like the Modernizing Government Technology Act, currently being reviewed by the Senate, hopefully cost will be less of an issue in the future. However, in the meantime, agencies have been given 90 days to provide the Department of Homeland Security and Office of Management and Budget with a report outlining details of the risk the agency has decided to accept and not accept, its strategic, operational and budgetary considerations and a plan to implement the NIST framework.
This planning is key to cyber security success. Rather than having a knee-jerk response to the EO by immediately buying IT without consideration, agencies must take this opportunity to use the provided framework to identify security solutions that are part of a short-term roadmap to remove high-priority security gaps and a long-term roadmap to develop processes that work together to allow for operational efficiencies. By investing in areas of cyber security and modernization that match needed security capabilities that are operationally feasible, agencies will later be able to ensure that security solutions operate at their optimum capability. Feds must look at their cyber security plan from both a capital and operational expenditure perspective, understanding the resources their future investments will require, before making rash decisions.
Moving to shared services through cloud migration
The cyber security EO hopes for increased information sharing both within agencies and between government and industry. This shared information can provide broader threat intelligence to combat potential attacks. Also known as indicators of compromise, this shared information combines multiple factors and can be added as additional threat indicators in security solutions for many organizations.
In this situation, a move to the cloud is a move in the right direction. Though there is still hesitance to migrate federal data to the cloud, the efficiencies of moving services to the cloud are becoming more advantageous. This reality is coming closer as new security controls are being implemented in the cloud and telemetry from many sources can be more easily correlated and investigated for patterns related to potential threats. While information sharing of metadata is critical to threat intelligence, it is also important to protect the individual organization’s data within the cloud. This concern is being addressed with innovations around cloud encryption and Cloud Access Security Broker (CASB) to control access within the cloud. These cloud security innovations and the EO’s cloud emphasis will likely spur movement in this direction, allowing agencies to more easily share information and improve government cyber security as a whole.
It is great to see those at the center of our government, despite party lines, acknowledge the importance of cyber security, especially as attacks become more sophisticated and frequent. We at Iron Bow are looking forward to seeing the effects of the executive order on government’s cyber stance, and hope to contribute to the goals the White House has set for agencies through our analysis, technology and service offerings.
To learn more about how Iron Bow can help your agency better meet the cyber expectations of the administration, visit: https://www.ironbow.com/solutions_serv/cyber-security