Experts hash out next-generation cyber defenses

Featured eBooks
AI, From Front Line to Back Office
Trust in Government
Chasing New Industry
Insights & Reports
Building flexible and secure government services: An Identity-first guide
Presented By Okta
Download Now
Redefining Justice: Technology’s Role in Modern Courts
Presented By Salesforce
Download Now
By Stephanie Kanowitz,
Contributor, Route Fifty

By Stephanie Kanowitz

|

A new collection of essays highlights effective cybersecurity defenses that can be leveraged by public-sector organizations.

“There are only two types of networks, those that have been compromised and those that are compromised without the operator’s awareness,” wrote James Scott, senior fellow at the Institute for Critical Infrastructure Technology, in a collection of essays on next-generation cyber defenses. The  writers, ICIT fellows and industry security experts, voiced a common theme: Cyber threats continue to pervade government systems and no one solution is a cure-all.

The government sector is second only to the health care industry in system vulnerability and susceptibility to attack, based on total records breached, Scott wrote. In 2016, 36.6 million records were exposed, 13.9 million of which came from government systems.

Between 2010 and 2016, he said, federal and state agencies publicly disclosed 203 breaches, and there was a 40 percent increase in public-sector data breaches in 2016. Attackers exfiltrated personally identifiable information, such as names, birthdates and Social Security Numbers, as well as operational intelligence "that could be leveraged to impact the public, critical infrastructure, national security, or additional public and private sector organizations," Scott added.

Additionally, the average breach takes 229 days to detect, which many of the experts cited in the report decry as too long. To Scott, that means the number of exposed records in 2016 could jump as more breaches are discovered.

He and others blame the problem partly on old, outdated technology. For instance, firewalls can serve as middleware but can’t prevent traffic interception, Scott wrote.

Organizations should modernize their systems and protect data at rest or in use through encryption, tokens, data masking and enterprise key management, Scott said.

“Government entities have a moral and legal responsibility to act as role-model data custodians,” Scott wrote. Agency leaders and legislators must prioritize data protection, ensuring that data is "holistically and systematically protected at rest, in transit, and during processing on all agency and third-party systems such that even a sophisticated and persistent adversary that gains access to critical system or caches of sensitive information cannot leverage that access to inflict further harm by exploiting it against the public.”

Yet modernized systems aren’t immune to attacks either, wrote Malcolm Harkins, ICIT fellow and chief security and trust officer at Cylance.

“It barely costs attackers resources to launch spear-phishing or [distributed denial-of-service] campaigns,” Harkins wrote. “If one employee responds to the lure or opens a malicious attachment, the organization is compromised. If one subsystem buckles under the Distributed-Denial-of-Service attack and the network suffers, then the attacker’s DDoS attack has succeeded.”

He recommended modernization combined with machine learning and artificial intelligence could alter the asymmetric threat landscape to give public and private organizations a chance to preempt or mitigate adversarial campaigns.

“Sophisticated machine learning and artificial intelligence solutions dynamically detect and respond to suspicious activity before malicious code executes on the system,” Harkins wrote. Deep learning algorithms and behavioral analytics can be applied to modern networks to detect and mitigate breaches that result from human-error and insider threats. "These solutions can manage network authentication and access events across applications and infrastructure," he said.

Additionally, federal guidelines and laws don’t go far enough when it comes to cyber, some experts said. Don MacLean, ICIT fellow and chief security strategist at DLT, noted shortcomings in the National Institute of Standards and Technology’s Risk Management Framework, such as conflicts of interest and lack of incentives.

For instance, agencies under evaluation should not choose their own evaluators, MacLean wrote. “Companies performing security assessments should be contracted by an agency separate from the agency under scrutiny,” he wrote. The Government Accountability Office, Homeland Security Department or Office of Management and Budget are options.

What’s more, government workers should have incentives for protecting systems and data and greater punishments for failing to do so, McLean wrote. “A bonus structure for performance, and more stringent accountability for dereliction of duty, would materially improve security,” he wrote.

The 10 essays also address defenses related to protecting legacy systems, data encryption, cyber intelligence fusion centers and layered security policies.

Read the collection, Next-Generation Defenses for a Hyper Evolving Threat Landscape: An Anthology of ICIT Fellow Essays, Vol. 1, here.

NEXT STORY: Over classification stymies threat-info sharing

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.