Prioritizing Breach Prevention Over Mitigating Cyberattacks
Connecting state and local government leaders
COMMENTARY | Government is more secure when hackers are stopped before they can touch critical data and systems—when a breach is blocked, not abated.
With government agencies and private sector organizations rocked by recent large-scale cyberattacks leading to data breaches and worse, securing networks against bad actors has never been more important.
Yet a recent study found that 83% of government cybersecurity leaders say their agency operates with an “assume breach” model, meaning they assume their systems will be compromised. Even more alarming, 50% believe there will be a "Cyber 9/11" in the next ten years.
Cybersecurity protocols have evolved quickly in recent years with innovative technology advances and the move to zero-trust architectures, which has gained momentum after President Joe Biden’s May 12 executive order. However, with the “assume breach” model, 61% of technology leaders say their agencies are prioritizing cyber resources focused on detection, confinement and remediation. Only 39% say they are focused on breach prevention.
It’s time to reset those priorities.
A more secure government happens when hackers are stopped before they can touch critical data and systems—when a breach is prevented, not mitigated. Most technology leaders agree: 88% say that breach prevention should be government cyber leaders’ number one priority.
Breach prevention is built on the idea of zero vulnerability, which requires high assurance design and implementation. Most devices used to access networks can be built with zero vulnerability tools and techniques that prevent breaches. These tools also mitigate the human element that leads to catastrophic breaches by placing the protection on the device itself.
The technology already exists. Avionics and safety-critical devices like commercial and military airplane operating systems and medical devices are intent-built with zero vulnerability tools and high assurance practices—and that saves lives.
The challenge is getting government leaders to shift their mindsets. While zero trust principles and high assurance practices have been around for a long time, many agencies have only adopted those protocols recently. Research shows that just 41% of technology teams have developed a plan to implement the principles of a zero trust architecture. Incorporating zero vulnerability in parallel may seem unrealistic, pushing the move towards breach prevention in the near term out of reach.
However, 91% of technology leaders say they want to see their organization shift to breach prevention in the next three years.
Budget allocations are a good place to start. The research shows that cybersecurity funding is currently prioritized for data, platform security, networking, and infrastructure, with hardware and supply chain security receiving less of the funding pie. But the percentages aren’t vastly far off:
- Data: 47%
- Platform Security: 47%
- Networking: 40%
- Infrastructure (including cloud): 38%
- Hardware: 34%
- Software Development: 33%
- Supply Chain Security (software): 31%
- Supply Chain Security (hardware): 30%
Solutions built with zero vulnerability can be added to the agency’s refresh cycle—when it’s time to issue a new device, replace it with a device built with the zero vulnerability protection. The research points to this idea potentially gaining traction: 89% of technology leaders say hardened endpoint devices residing outside of the security boundary are a key element of breach prevention.
Other key points leaders say are needed for breach prevention include:
- Centralized access to cybersecurity data and analytics: 91%
- Improved vulnerability management: 90%
- Fundamental top-down culture change prioritizing prevention: 89%
Government agencies will always be a prime target for hackers. Assuming that the hackers will get in leads to teams constantly playing a tireless game of catch the hacker. Changing mindsets where prevention is the highest cybersecurity priority will deliver real progress protecting federal data, systems, and missions.
Jimmy Sorrells is the president of Integrated Global Security.
NEXT STORY: Congress Weighs Cyberattack Reporting Legislation