The cybersecurity threat landscape is constantly evolving, and the cyber threats facing today’s government and military organizations are becoming increasingly sophisticated. This rising threat – and some of the workplace and technology changes that are happening across all levels of government – are making it increasingly essential that agencies remain vigilant and embrace new security strategies and technologies to remain ahead of cybercriminals. That was the main thesis of a recent session hosted by the Wall Street Journal which featured insights from IBM’s Chairman and CEO, Arvind Krishna, and its General Manager of Security, Mary O’Brien.
“As we all know,” O’Brien began, “the threat landscape continues to evolve. And as perimeters dissolve… our jobs as security professionals become increasingly complex.” This increasing complexity has been exacerbated by the rapid expansion of hybrid work and the digitization of many processes. With workforces distributed and relying increasingly on employee networks and endpoints, O’Brien sees an increasing need for a more resilient workplace security model moving forward. Ultimately, there are more ways than ever before for a cybercriminal to gain access to an agency’s network and sensitive data, and the larger presence of unsecured devices in networks is a key contributor.
“We’ve seen the attack surface continue to grow, with thousands of new vulnerabilities reported in applications and devices,” O’Brien continued. This expansion of the attack surface includes attacks targeting Linux systems, IoT devices, and cloud environments. This proliferation of attacks and attack vectors demonstrates the increasing sophistication of cybercriminals, and their ability to adapt to shifting workplace and technology trends across the government.
The types of attacks that we’re witnessing against large corporations and key links in our country’s essential supply chains are also being leveraged against government agencies. As O’Brien explained, “Colonial Pipeline, SolarWinds, Microsoft, Facebook; the attacks against each of them can occur against any organization in the public or private sector.” So, what can be done? And more importantly, how can agencies continue to benefit from the digital transformation while also remaining secure?
Embracing digital transformation without sacrificing security
One of the ways in which agencies can protect themselves from attack isn’t particularly hard, at least according to Krishna. Preventing attacks like those large, well-documented attacks from the previous year doesn’t require anything particularly innovative, expensive, or painful to implement. It’s simply covering the cyber hygiene bases.
“The question is, what digital hygiene policies does an agency have? What are the standards you should put in place? What is being done to educate employees and give them the knowledge to recognize and stop engaging with suspicious actors?” To Krishna, the risk of cyberattacks requires agencies to approach cybersecurity as a necessity on par with accounting; it must be done to operate. To accomplish that, Krishna advocates that agencies should utilize a zero trust approach to security, company-wide.
Zero trust is widely accepted by security professionals as one of the current and future standard approaches to cybersecurity. However, its importance takes on more weight in the context of the growing attack surface O’Brien mentioned earlier. Utilizing IoT devices, cybercriminals can potentially gain access to networks and bypass most exterior cybersecurity layers with ease. With zero trust, however, the ability for a malicious actor to continue further into an agency’s network is severely hampered – requiring that they work through a multitude of security layers to access information, data, or systems.
“I believe that using zero trust, that building a ‘next line of defense,’ that is how we are going to keep the bad guys at bay,” Krishna explained.
The unfortunate reality is that, despite the best-laid plans of IT and cybersecurity professionals, sometimes cyberattacks are successful. And of all of the current cyberthreats facing government agencies, Krishna sees ransomware as one of the largest and most impactful – especially considering the digital transformation trend that is putting increased importance on applications and data across the government. “We know that there are thousands of successful ransomware attacks going on and everyone wants to make sure that their agency is not going to be subject to one,” Krishna noted.
Three Steps to Stop, Identify, and Recover from Cyberattacks
As Krishna sees it, agencies need to think of cyberattacks as a certainty and be prepared for when they occur. That means agencies need to have a plan in place for cyberattacks – including ransomware attacks – and practice that plan repeatedly. Practicing incident response and ensuring that backup data is ready to be pressed into service when needed is critical to recovering as fast as possible from any cyberattack, not just ransomware.
Another aspect of preparing a modern security posture in the age of digital transformation involves having a robust and effective monitoring system in place. Krishna highlighted the work that IBM and other industry leaders have done to leverage advanced artificial intelligence (AI) and machine learning (ML) solutions to make scaled-up monitoring manageable for agencies. “Using AI and automation is likely necessary for getting a handle on all the false and real alerts that monitoring will generate,” Krishna explained.
Finally, referring to backup data, Krishna noted that simply having data “ready-to-go” isn’t enough; it has to be reliable and of a high enough fidelity that agencies can return to work with as little disruption as possible. “It’s not just the ransomware attack, it’s the fact that your operations pause that poses a challenge… having multiple high-quality copies of data can mean recovery in hours instead of days,” Krishna explained.
Security in the Digital Transformation
In the end, both O’Brien and Krishna voiced that the way for an agency to prepare for the future is to embrace the present.
Hybrid work is likely here to stay. So, embracing zero trust and building a cybersecurity posture that meets the increased risk from external endpoints and untrusted networks is no longer optional for agencies. And, as agencies continue to embrace digital transformation initiatives, the cost of a successful breach or ransomware attack to an agency’s operations only increases.
To help prepare, O’Brien encouraged attendees to, “Get your defense ready, people… be ready for anything, be prepared and know how to recover, be ready to respond. Work on building that muscle memory by practicing how to respond in the event of an attack.” By being prepared, embracing zero trust, and practicing their response to cyberattacks, agencies can weather the increasingly turbulent cyber storm.