In this Help Net Security interview, Erica Banks, Vice President and Leader in Booz Allen Civil Services, discusses the role of the federal cybersecurity strategy in protecting national assets.
Banks highlights key areas for improvement, including financing, talent retention, and leveraging AI for better cyber defense.
The federal cybersecurity strategy is a critical component of protecting the nation’s assets. In your opinion, how effective is the current strategy in mitigating cyber threats, and what areas require further attention or improvement?
Continued nation-state threats and attacks on critical infrastructure underscore the urgency of implementing a comprehensive national cybersecurity strategy that goes beyond compliance and urging businesses to dedicate resources to rhetoric. National Cybersecurity Strategy Implementation Plan With the push for a more aggressive approach to cyber preparedness and increasing pressure for accountability, businesses and the U.S. government must strategically allocate roles, responsibilities, and resources to stay ahead of evolving threats.
We must strengthen operational collaboration across the federal government with a focus on synchronizing offense and defense. The government must find ways to collect information about offensive cyber operations, anonymize it, and share it with defenders to accelerate defensive improvements.
Federal agencies need more funding to strengthen their cyber defenses. Inconsistent and unpredictable funding jeopardizes sustainable investments and shifts the focus from proactive risk management to reactive and piecemeal efforts that fail to address real threats. A multi-year plan should include resource strategies for CISA and FCEB agencies to enable consistent and sustainable investments.
To create tomorrow’s cybersecurity solutions, the United States must leverage the nation’s cyber technology and innovation base. Using OTAs to test innovative approaches before expanding them to FCEB coverage allows the government to access non-traditional vendors with a streamlined procurement process that accelerates access to technology to combat emerging threats.
With increasing cybersecurity regulations, such as the new mandates under Executive Order 14028, how should federal agencies balance compliance with maintaining operational effectiveness?
Accountability is one of the driving forces for change. Metric-based goals that balance innovation with compliance will provide necessary guidance and allow the federal government to monitor progress.
CISA and FCEB agencies have unprecedented, near real-time visibility into the federal enterprise thanks to investments made in recent years. This operational visibility has increased the effectiveness of compliance reporting.
Given the current shortage of cybersecurity professionals in the federal public service, what strategies should be employed to attract and retain talent?
Not only do we need to hire and develop the right talent, we also need to diversify supply and demand. Today’s cyber talent needs to be trained and evolved to meet evolving threats using new technologies and non-labor-based solutions. As an industry, we also need to embrace non-linear and non-traditional entry points into a cyber career, such as competency-based or skill-based assessments and reskilling programs.
When it comes to talent retention, cybersecurity professionals are particularly susceptible to burnout and cognitive overload due to the nature of the field. To meet the needs of this critical workforce and fill the 771,000 open cybersecurity positions today, organizations must make reducing cognitive overload a top priority by providing guidance and advice that clearly defines roles and priorities. Security teams also often burn out due to too many tools, data, and information. Getting feedback from security professionals and removing unnecessary tools or finding the right mix of resources can help address these challenges.
Human-driven cyber defense alone is too slow to keep pace with technologically advanced adversaries. AI-powered cyber defense tools augment resource-constrained personnel to proactively detect adversary attacks. Effective use of AI allows organizations to keep pace with adversaries and create efficiencies to counter talent shortages that lead to retention issues.
How do you assess the maturity of current federal risk management frameworks and what improvements are needed?
Different organizations will have different levels of maturity when it comes to risk management in different areas. For example, the CISA Zero Trust Maturity Model is one of many roadmaps that agencies can refer to as they transition to a Zero Trust architecture. When in doubt, conducting an initial assessment can help an organization assess maturity in a particular area and plan targeted improvements.
Planning frameworks must produce better alignment of resources with risk assessments to target limited resources against priority gaps. Risk assessments must include the near real-time visibility that CISA has provided to its enterprise to generate actionable, contextualized risk recommendations.
We also need to assess resiliency. If we assume a breach and loss of availability, what plans are in place to restore functionality? Agencies need to identify their critical systems and plan how priority restoration will occur.
What are the top three priorities for federal cybersecurity over the next five years?
Protection of critical infrastructures: As last year’s attacks demonstrated, adversaries are targeting operational technologies and industrial control systems within the nation’s critical infrastructure. Failure to protect these assets can have widely felt and visible consequences for civilians, making critical infrastructure defense a key federal cybersecurity priority, now and in the future.
Implementing Zero Trust: Federal civilian agencies are required to implement some level of zero trust by the end of fiscal year 2024, and DOD has its own zero trust goals for 2027. Given the diversity of missions these federal agencies support, it is critical that they be protected from disruptive cyber threats, and zero trust principles (assume breach; never trust, always verify; allow only least privileged access) can provide real-time protection.
AI-based Cybersecurity: Foreign adversaries are increasing their use of AI and have already shown how it can be used to influence domestic unrest in the United States and other countries. To keep pace with foreign nations’ innovation, the United States must commit to using and implementing AI technology that is resilient to rapid technological improvements and advanced adversary capabilities. AI can play an important role in detecting and preventing threats, overhauling traditional reactive cybersecurity tactics and improving the resilience of critical services like power grids and financial systems.