President Biden has declared on multiple occasions that cybersecurity would be a priority as he took office. In his first 100 days, the Biden administration experienced two of the most sophisticated attacks the industry has seen. This piece by Bill Harrod, federal CTO, Ivanti, suggests priorities for President Biden’s next 100 days, why nation-state attacks are more prevalent than ever before, and what the federal government and enterprises need to focus on when it comes to cybersecurity.
In President Biden’s first 100 days, we saw nation-state cyber adversaries conduct some of the most sophisticated attacks the industry has seen. Most recently, ransomware group DarkSide took the Colonial Pipeline offline, resulting in gas shortages, disruptions, and widespread panic. The pipeline, which primarily serves customers and oil refineries in the southeastern United States, paid the hacker group nearly $5 million in ransom. With sophisticated attacks becoming more commonplace, the need for the government to modernize its cybersecurity policies and defenses is quite clear.
President Biden has stated on multiple occasions that his administration would launch initiatives and policies to ensure the nation’s cybersecurity. With nation-state attacks becoming more virulent, the federal government needs to focus on proactive cybersecurity policies that address concerns around our nation’s privacy and security.
The president’s recently signed Executive Order does just that. On May 12, 2021, the Biden administration released a security-focused Executive Order that implements stronger federal cybersecurity standards and revamps existing cyberinfrastructure to become more secure. This order is fundamental in changing our government’s approach to cybersecurity. A zero-trust framework would aid the government in proactively securing its enterprise resources.
Why These Attacks Have Become More Prevalent
The COVID-19 pandemic has highlighted and accelerated our dependence on technology. We rely on technology for business, education, commerce, and social interaction, to name just a few. This constant connectivity, if left unmanaged and unsecured, can put the government and its citizens at risk.
This means federal agencies and enterprise companies need to rethink their approach to managing endpoints and cybersecurity measures. In 2012, the government created the Continuous Diagnostics and Mitigation (CDM) program, which was formed to help federal agencies with reporting, information sharing, and implementation of stronger controls to protect agency networks, data, and resources. The program’s approach to securing government networks and systems is a good foundation, but it can be made stronger with the addition and implementation of zero-trust.
With increased technology adoption, it’s evident that our nation’s cybersecurity policies have not kept up. To keep up with the rate of digitalization going on globally, government agencies need to modernize their technologies, policies, and security infrastructure as well. Nation-state bad actors have targeted the government’s infrastructure simply because many of these agencies still have outdated technology incapable of supporting modern controls. Additionally, basic tech hygiene has not been enforced.
The federal government is unfortunately behind in cybersecurity and technological modernization, and it has been for a while now. The Executive Order is a step in the right direction with a new security design for government agencies. The implementation of zero trust strategies and frameworks is one step closer to achieving a stronger, impenetrable network.
Challenges Associated With the Implementation of Biden’s Executive Order
With the increased need for real-time information sharing, there is also the additional risk of cyberattacks and data breaches. There is often a stigma associated with sharing information on attacks, as it highlights the impacted company’s vulnerabilities and shortcomings. For companies operating on a FedRAMP cloud, vulnerability scans are a regular and necessary occurrence, but companies that aren’t are leaving themselves vulnerable to external attacks.
In an increasingly technology-dependent society, we are always connected to both a home network and an enterprise network. There is an increased number of endpoints within the enterprise network that needs to be secured, from the personal mobile devices of a government worker to the IoT devices used for automation and improving existing business processes.
Funding is another challenge associated with the new Executive Order. The order’s goals of revamping and modernizing the existing federal infrastructure will be costly. The Technology Modernization Fund (TMF), which was authorized by the Modernizing Government Technology Act of 2017, could potentially provide federal agencies with the necessary funding to upgrade existing technologies and software.
The federal government will need to implement zero trust architecture, including multi-factor authentication processes and automated endpoint detection for all devices. The above practices would ensure the federal government is proactively taking the steps needed to improve its cybersecurity policies and standards.
The Long Game — The Progress of Modernization
It’s important to note that the modernization process is unlikely to occur all at once. The zero-trust approach to cybersecurity will aid in securing and modernizing federal infrastructure and networks. The federal government’s technological modernization needs to focus on inventorying and grading its critical infrastructure.
Additionally, the government needs to understand what existing infrastructure and policies need to be overhauled to prioritize actions against future attacks. The Biden administration’s Executive Order is a step in the right direction, and I look forward to seeing the federal government achieve cyber resilience.