The cyberthreat landscape changes daily, and attacks are frequent and damaging. These facts are especially apparent to those defending federal networks. Given this reality, government professionals are taking a practical approach to defending their systems, networks, and data. In this environment, resiliency must be built in, implemented, and maintained.
Resilience is “the ability to recover quickly from illness, change or misfortune.” In the IT universe, resiliency is the ability to react, rebound, and recover from interruptions to infrastructure operations, from power outages and network failures to unauthorized intrusions and cyberattacks. Creating a resilient IT architecture is not an admission of anticipated defeat. It is insurance against probable events and incidents that might compromise operational and mission integrity.
In its latest report of Threat Predictions for 2023, FortiGuard Labs concludes that “the most troubling trend…(is) the growing volume and variety of increasingly sophisticated cyberthreats” as cybercrime continues to converge with Advanced Persistent Threat (APT) methods. What does this situation imply for Federal Government network defenders? It requires enhanced vigilance and proactive security measures to detect and limit the damage of traditional and new types of attacks that cause previously unknown and widespread network disruption and data compromise.
Given the threat forecast, agency cybersecurity professionals understand they likely will not detect and mitigate all attacks. Instead, their goal is to minimize the number and type of successful attacks on the most sensitive data and critical infrastructure, and to prepare for rapid recovery in the wake of likely cyber incidents—in short, a resilient architecture.
Among the recommended proactive measures to implement and maintain a resilient security architecture are:
- Conduct a comprehensive assessment of security responsibilities to ensure defenders know their roles and procedures in the event of a cyberattack;
- Combine technical and organizational tools to ensure good communications and streamlined response to unforeseen incidents; and
- Create a repository of tested, foundational solutions to expedite response when needed.
Organizational Resilience
It is a common misunderstanding that “resilience” refers only to technical solutions and automated tools used to mitigate cyberattacks. Yet organizational resilience, the ability of personnel to detect, react, respond, and recover, is as important as the technical capabilities that agencies have available to defend their IT infrastructures.
To build in the ability to rapidly restore normal operations, cybersecurity managers are increasingly working with enterprise IT teams and executive management toward a common goal: establish an enterprise-wide understanding of current and potential threat activity specific to their networks and operational environments, and develop a coordinated and integrated response strategy before it is needed. Working from a unified viewpoint, organizations can optimize the application of resources when a coordinated response can make a significant difference in the outcome of a serious cyberattack.
Creating a Resilient Cybersecurity Workforce
To complement the best consolidated cybersecurity technology, technical and non-technical agency personnel need a comprehensive understanding of their roles to ensure the strongest possible enterprise security posture. Agencies have information they can share to sensitize their workforce to the importance of collective cyber-vigilance:
- Use threat intelligence insights – while a limited number of organizations produce it, sharing selected information with personnel can create a more effective and aware enterprise cyber defense mindset and operational environment
- Create accountability and ownership for agency security by clarifying each person’s role in and responsibility for cyber defense. How to do this?
  - Set cybersecurity responsibilities and standards up front during staff on-boarding orientation
  - Conduct periodic workforce training and security refresher updates
  - Host training exercises to build workforce “muscle memory” in anticipation of cyberattacks
  - Circulate alert information as specific, threatening attack profiles evolve
  - Share lessons learned and adjustments made following cyber event analyses; and
  - Provide resources and information that are timely and responsive to individual questions and concerns
Team and Technology for Resilient Results
While agencies create more resilient organizations, Fortinet Federal is focused on helping the U.S. Government create effective, trusted, and resilient cybersecurity architectures. There are countless benefits to building an enterprise cybersecurity strategy around a consolidated and integrated platform, designed to provide visibility and end-to-end protection of networks and data. The seasoned, public sector-focused professionals at Fortinet Federal are ready to meet your evolving agency cybersecurity demands. See more about our award-winning solutions at www.fortinetfederal.com.