Larry Grossman, director of information security and privacy services at the Federal Aviation Administration (FAA), explained this week that his organization’s priorities for improving cybersecurity run the gamut from the latest in zero trust work, to the more traditional but necessary steps to improve cyber hygiene across the board.
Speaking at FedInsider’s May 11 Cyber Threats virtual event, Grossman said FAA’s cybersecurity posture has been evolving for the better, including through adoption of “more cyber hygiene,” which he called “a major part of the equation.”
Other strategies that the agency has been using focus on micro-segmenting different parts of networks in line with zero trust strategies that aim to make it harder for adversaries to achieve lateral movement through networks.
Grossman also gave a thumbs-up to increased sharing of cyber threat data within government and with the private sector. He stressed that when private and public sectors organizations team up and share information about cyber security threats, it becomes easier to combat threats.
“Private information was never available before, open to the public for anybody to get,” he said.
In the past, Grossman recounted, many organizations were not be willing to share information on new cybersecurity threats that they face because they were afraid of getting bad publicity – especially in the case of companies with public stock ownership.