From global risks to global visibility: A new paradigm for cyber in a connected world
- By Jason Zann
- Jan 09, 2019
The Governent Accountability Office’s Oct. 9 report detailing cyber vulnerabilities in critical weapons systems may have gained national headlines, but it’s no shock that government cyber resources face higher threats than ever. Connected infrastructure, growing data aggregation, multiplying mobile apps and cloud computing are all features of the modern IT landscape, brought to you by the internet, which continues to change the way agencies do everything from enabling the warfighter to providing citizen services.
However, this change also comes with an unprecedented amount of “shadow IT,” rogue infrastructure and general lack of understanding of exactly what an agency is responsible for securing.
The rapid shift to internet-enabled workloads means that compliance, threat actors and IT management continue to become more complex. In the world of global risk, the very questions security managers must ask themselves have changed.
When a vulnerability comes out in a content management system (i.e., Drupal), the question is should not be, “Is this bad?” but rather, “Where is the Drupal installation for which I'm responsible?” Likewise, when an IOC (indicator of compromise) is produced, the question is not, “Is it bad?” It’s, “Why is it bad?” and “What else is it related to on the internet that may also be bad?”
In short, agencies cannot protect or investigate what they don’t know about. With any agency infrastructure, workload, application or dataset connected to the public internet, today's reality of is that threat actors often have a better understanding of a network's most significant vulnerabilities than the agency does.
“The complexity of managing internet visibility is a challenge for every organization today,” Ann Barron-DiCamillo, the former director of the United States Computer Emergency Readiness Team, said at recent private event at the National Press Club in Washington, D.C. “Traditional security stacks do not address these internet visibility challenges; we need to think about the problem differently.”
So how do agencies even begin to address these vulnerabilities? The key is a paradigm shift in how cyber professionals engage with the public internet -- not just as a risky environment, but as the great technology equalizer. This shift in thinking offers a strategic advantage for anyone willing to embrace it. It will not only futureproof where the agency is going, but also directly address the current visibility challenges the internet poses.
In the financial world, where there is a huge priority on cybersecurity for IT infrastructure, we’re seeing a huge change in how institutions address their internet posture. The threats and potential consequences for government agencies are every bit as serious.
Jason Zann is vice president, head of platform at RiskIQ.