Since its formation in November 2018, the Cybersecurity and Infrastructure Security Agency has been focused on securing our nation’s physical and cyber infrastructure. Recently, CISA Director Christopher Krebs released his strategic intent for the agency. This is a direct response to society’s increasing reliance on networked technologies and the evolving global cyberthreat. CISA’s guidance is timely. By 2023, 50 percent of world’s data breaches will take place in the U.S.
To force change in the government’s cybersecurity practices, federal agencies need a definitive framework to better protect our nation’s most sensitive networks. Krebs outlined five core principles to guide our national public and private sector approach:
- Leadership and collaboration;
- Risk prioritization;
- Results oriented;
- Respect for national values; and
- Unified mission and agency.
It is easy to agree on the principles, but creating real change requires collaboration now to deter emerging cyberthreats ― specifically vulnerabilities in election systems, supply chain and critical infrastructure.
Tackling the emerging threats
Krebs underscores that election interference conducted by malicious nation-state actors are one of the highest threats we face. Earlier this year, the Senate Intelligence Committee found that election systems in all 50 states were likely targeted during the 2016 election. With the 2020 election fast approaching, we must address these threats and protect these important system both now and through continuous improvement for all future elections.
To accomplish this, government agencies, academia and private corporations must work together. Evaluating the current tools and systems, identifying vulnerabilities, and auditing the current threat environment to develop the necessary technologies proactively can deter future threats. This process includes patching, segmentation, system monitoring, developing wireless configurations and cyber hardening to remove unnecessary applications. To create lasting change, individual states should also participate in the CISA-created training exercises to help them develop incident planning, preparedness, identification, response and recovery protocols.
Looking past 2020, Department of Defense supply chain vulnerabilities are another looming weakness that could jeopardize our military readiness. This vulnerability is growing rapidly. U.S. supply chain attacks increased by 78 percent between 2017 and 2018. With thousands of suppliers supporting the government system, there is a critical need for risk management services, as well as scalable tools and software that can identify threats and mitigate risk throughout the supply chain. This is a continuous process, It takes requires time and resources, and can only be done if the private and public sectors work together to create baseline security standards for the Department of Defense and its partners.
While a secure electoral system and supply chain are crucial to protecting our democracy, these are just two vulnerable sectors of our nation’s larger critical infrastructure framework.
Collaborating to create change
But how can government and corporations collaborate to make our infrastructure more secure? First, all parties must keep CISA’s five core principles in mind as they drive operational change.
When looking across all domains of critical infrastructure ― from the electric grid and public utilities, to transportation, healthcare and financial institutions ― industry and government should drive toward a coordinated, enterprise security ecosystem that protects our data and critical systems. We must share threat intelligence and capabilities faster to keep operations running.
For this model to be successful, we need a broad and dramatic cultural shift. Agency awareness and transformation will ensure collaboration, information sharing and trust between both the public and private sectors.
Focusing on the future
The release of CISA’s strategic intent sends a clear message: We can no longer think about cyber vulnerabilities after they’re breached by malicious actors. Instead, we must proactively institute innovative and scalable solutions that track and deter threats for agencies of all sizes. Collaborating on CISA’s priorities will not only protect our government, but also corporations and individuals. Cybersecurity practices will be built into our society’s infrastructure, improving resiliency and mitigating the severity of attacks that disrupt global security.
The threat doesn’t stand still, and neither can we.
John DeSimone is vice president for cybersecurity and special missions at Raytheon Intelligence, Information and Services.