The May 2021 cybersecurity executive order (EO) 14028 requirements make securely managing U.S. government data more important than ever before. The prevention, detection, assessment, and remediation of cyber incidents has always been important to U.S. government agencies and private companies alike, but now bolstering cybersecurity is an official priority.
Elements of the White House EO require the private sector to support execution. Preparing for the impacts of the EO comes with operational challenges. Here are the top takeaways from Gregg Garrett, vice president, cybersecurity, about how partner companies to the U.S. government can respond:
1. Modernize software supply chain security to the granular level.
“Securing software to strengthen the government is not a one-size-fits-all type of problem––this is multi-dimensional calculus,” said Garrett.
Every federal government agency has unique software and hardware configured specially to accomplish their mission. Even within one agency, there is not a homogenous IT system. “Each department within each government agency will need tailored cybersecurity solutions,” said Garrett.
Recent cyberattacks, such as the Colonial Pipeline ransomware hack and SolarWinds breach, have made it apparent that third party software can create an easy backdoor.
Cybersecurity architects and engineers will need to adapt and customize different solutions based on existing IT platforms. Systems and capability integrators such as Peraton can modernize software supply chains to strengthen critical infrastructure and protect intellectual property and sensitive data.
2. Improve the detection of vulnerabilities and incidents.
“There is no singular solution to solve the problem of cyber vulnerabilities,” said Garrett. “That would be the equivalent to reading a ‘how to’ guide to win a game of chess. Cyber threats have countless permutations.”
The next step to improve cyber threat detection is implementing an integrated enterprise IT services management platform, including vulnerability management, integrated risk management, and incident response management.
Peraton Labs’ communications technologists, data scientists, and software engineers have developed and deployed software to enhance malware detection, advance data forensics analysis, protect and defend against cyberattacks, and detect malware.
Additionally, Peraton developed a proprietary zero-trust methodology that uses elements of NIST SP 800-207 Zero Trust Architecture (ZTA) to provide federal government agencies the necessary support to develop customized ZTA strategies. These roadmaps include data mapping, data isolation, silicon-based isolation, data micro-segmentation, micro-perimeters, software-defined perimeters, and dynamic identity verification and access control—all of which provide enhanced cyber threat intelligence and continuous incident response services.
The zero-trust concept of compartmentalizing data, verifying of identity, and creating more privileged access to data will enhance security.
3. Remove all barriers to sharing threat information.
Alongside defining potential incidents and ensuring the accuracy of vulnerabilities data, companies should get comfortable sharing threat information regarding the federal IT systems they support.
“Improving the detection of vulnerabilities and incidents must include sharing information for situational awareness, otherwise the efforts are futile,” said Garrett.
To combat increasingly sophisticated threats, Peraton developed ThreatBoard™, which uses a scalable and redundant cloud-based data fabric architecture that reduces the time it takes to recognize attacks by ingesting data from multiple disparate sources, regardless of size and format.
This ability to synthesize and analyze different types of data in one location makes it easier to correlate and make sense of threat information.
Every ThreatBoard user receives a customized view of incidents based on their job role. Tier I, II, and III personnel—forensic specialists, threat hunters, vulnerability analysts, security managers, and executive leadership—can view the information relevant to them. This protects the data without hindering communication.
4. Expand investigative and remediation capabilities.
According to the EO, “the private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace.”
Expanding cyber forensics capabilities is one solution. More malware testing, additional cyber incident response teams, and updated cybersecurity education and training will help prevent unwelcome access to IT systems.
“U.S. federal government agencies need to provide persistent cybersecurity education, training, and advanced simulations for cybersecurity analysts, using tools like CyberVAN, Peraton’s cyber range,” said Garrett.
Peraton has worked for decades on cleaning up the cyber crime scene, always updating investigative techniques to match the threats of tomorrow.
As the EO states, “Incremental improvements will not give us the security we need; instead, the federal government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.” Companies aiming to heed the EO directives should begin by tackling the four action items above, in partnership with the federal government.