How governments can stay ahead and recover from cyber attacks
This week, Federal CIO Tony Scott is expected to release a public report on ideas submitted from industry, government and academia to the American Council for Technology and Industry Advisory Council (ACT-IAC), a public-private partnership, for how agencies can stay ahead of and recover from cyber attacks. The report is a milestone in the race to repair federal cybersecurity practices in the wake of June’s Office of Personnel Management (OPM) data breach.
Tanium was among the parties who submitted recommendations to ACT-IAC. Our recommendations reflect the challenges and opportunities that we have observed working in close partnership with federal agencies, as well as proven strategies that we’ve gleaned from our work with Fortune 500 companies, including:
- Adopt Flexible, Fast, Scalable Solutions: Organizations need to adopt technologies that can produce a complete inventory and audit of every globally distributed IT asset at any scale and within seconds. Platforms also should be flexible to adapt to changes as methods, approaches, technologies and behavior evolve over time.
- Accelerate Incident Detection and Response Time: To effectively accelerate incident detection to response times, solutions must be able to provide accurate and complete data — both current and historical — in seconds. Information that is hours, days or even weeks old is simply worthless in this struggle against time.
- Assure Visibility, Control and Compliance: Organizations need the ability to rapidly detect unmanaged assets joining their network so that they can swiftly investigate the assets’ origin and take the necessary action as quickly as possible. Technology platforms also need to provide the necessary level of control to quickly enforce compliance and consistency across every new system coming under management. This will help ensure violations are quickly corrected so that there is no lapse in an agency’s IT security posture.
Cybersecurity strategy implementation plan (CSIP)
As a follow-up to the 30-day Cybersecurity Sprint, which was a short-term fix to urgent agency security flaws, Scott and a team of officials from across several security agencies reviewed the government’s cybersecurity practices. The resulting Cybersecurity Strategy Implementation Plan (CSIP), released late last month, as well as the forthcoming ACT-IAC report, is an effort to provide longer-term goals for boosting federal cybersecurity. Specifically, the CSIP outlines five objectives that include a number of Tanium’s proposals to ACT-IAC, including: Timely detection of and rapid response to cyber incidents; Rapid recovery from incidents when they occur; and, Efficient and effective acquisition and deployment of existing and emerging technology.
The imperative is clear: the U.S. can’t wait for the next breach to make proposals like these a reality. Congress and the White House, along with private sector partners, must act fast to update the policies, procedures, people and technology that will change the federal government’s approach to cybersecurity. Tanium is proud to play a role in helping government agencies protect sensitive data while ensuring our national security.