There is no silver bullet to maintaining a predictive stance when it comes to anticipating cybersecurity threats, according to experts from the Federal government.
Rod Turk, chief information security officer (CISO) and director of the Office of Cybersecurity for the Department of Commerce (DOC), said that, while many think of cybersecurity as a homogeneous umbrella, there are a lot of nuances to ensuring complete safety.
Turk and Mark Kneidinger, director of Federal Network Resilience (FNR) Division for the Department of Homeland Security (DHS) both said at MeriTalk’s Cyber Security Brainstorm that there is no silver bullet to a predictive cyber posture. They said that most Federal agencies are drafted to be defensive and reactive rather than offensive and predictive.
“I’m not the Lone Ranger. I don’t have a horse named Silver,” Turk said. “We at the Department of Commerce are not offensive by nature.”
One solution to assessing risks and predicting attacks is DHS’s Continuous Diagnostics and Mitigation (CDM) program, according to Tim McBride, Director of Operations of the National Cybersecurity Center of Excellence at the National Institute of Standards and Technology (NIST). CDM, which Kneidinger described as a part of the silver bullet, offers tools for Federal agencies to identify cybersecurity risks on a continuous basis.
Information security continuous monitoring (ISCM) data helps agencies using the CDM program assess risk, according to Kneidinger. While Turk claimed that the CDM program is the centerpiece of the ISCM program at DOC, Kneidinger said that agencies need to create a more robust ISCM plan.
In addition to the CDM program, Turk said that returning to basic skills of protecting hardware and software is important to the future of cybersecurity. He compared cybersecurity to the Green Bay Packers, his favorite football team, stating that agencies need to master how to block and tackle in order to defend against threats such as malware. He said that sophisticated threats were just as dangerous as the 15-year-old in the garage next door launching malware from his computer.
“I’m a firm believer in the basic blocking and tackling. Basic blocking and tackling is important when it comes to cybersecurity. You cannot have basic cybersecurity if you don’t know what you have in your environment,” Turk said. “If you do the basic things, you will stop a significant percentage of the potential events coming into your system. We can talk about some of the more flashy things, but I would submit that you have to take care of the basics first.”
Also from the Brainstorm:
Cybersecurity Initiatives Will Continue to Next Administration
Fix FedRAMP or Congress Will, Connolly Tells GSA
Commerce CISO Says Playing Defense is Essential
DISA is Moving to Commercial Cloud