Recent high-profile public and private sector cyberattacks targeting the Colonial Pipeline, JBS Foods’ U.S.-based beef plants, a Florida water treatment facility, and Okta are putting pressure on the U.S. federal government to strengthen the country’s cybersecurity infrastructure.
The increasing number of incidents, including ransomware attacks, is “one of the most serious economic and national security threats our nation faces,” according to the Cybersecurity and Infrastructure Security Agency (CISA).
The FBI’s Internet Crime Complaint Center received 2.76 million total reported complaints about cyberattacks from 2017 to 2021, totaling $18.7 billion in total losses. The attacks were so prevalent that the FBI issued a warning to organizations involved in mergers and acquisitions and other significant financial events.
Mandating cybersecurity protections
Now in the wake of all this, the federal government is making a significant push to minimize its cybersecurity attack surface.
The Biden administration issued an executive order last year, with several actions like one urging federal agencies to adopt higher cybersecurity standards through Zero-Trust architecture. The executive order also included improving information sharing between private sector organizations and government agencies.
Federal agencies are rolling out their guidance around cybersecurity. The Department of Defense, for example, will outline 90 capabilities to achieve “targeted zero trust” that’ll eventually be implemented in each of the military services and agencies.
Jen Easterly, CISA director, earlier this year encouraged city officials to make cybersecurity “a kitchen-table issue” after the spate of high-profile cybersecurity incidents. CISA also hired cybersecurity advisors for every state.
As part of National Cybersecurity Awareness Month, we’re highlighting what some of these actions are — and how they may potentially impact organizations and government agencies.
- The State and Local Cybersecurity Grant Program: The Department of Homeland Security is providing $1 billion in funding to state, local, and territorial governments to address cyber risk to their information systems. The first-of-its-kind cybersecurity grant, which runs over four years, now has $400 million available for fiscal year 2023. It helps these governments establish critical governance frameworks against cyber threats and vulnerabilities, identify key vulnerabilities and evaluate what they need, and implement measures to mitigate threats.
- Request for information for Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA): CISA is seeking public input as it develops proposed regulations to require organizations to submit reports about cyber incidents and ransom payments.
CIRCIA, which became law in 2022, aims to provide the federal government with visibility into the frequency of attacks on U.S. critical infrastructure. The law also looks at which sectors are most at risk, and what’s the impact of those attacks. The Request for Information is seeking specifics on topics, like:
-
- The definitions of entities and incidents
- The number of organizations and incidents
- What constitutes a “reasonable belief” that a covered cyber incident happened, kicking off the 72-hour timeline to inform CISA
- When does the 24-hour timeline start to report a ransomware payment
- Cybersecurity funding for fiscal year 2023: About $15.6 billion — across a dozen spending bills — is expected to be set aside to strengthen cybersecurity efforts across federal departments and agencies. The bulk of spending ($11.2 billion) will go to the Department of Defense, while CISA is expected to be allocated $2.9 billion.
The Departments of Energy, Commerce, Health, Justice, Treasury, Transportation, and State are all expected to receive a significant increase in cybersecurity funding.
Reinforcing cybersecurity measures through asset management
The government’s mission relies on inherently complex data, from tracking medical equipment at disparate Veterans Affairs facilities, to measuring every function on a Navy destroyer, to supporting individuals and organizations alike during tax season.
And it’s a lot.
Government IT and security teams spend countless hours collecting data to satisfy security compliance regulations. Just take the CDM Security Capability, for example. It mandates agencies continually monitor hardware and software assets, and includes guidance on how to manage configuration settings and various other vulnerabilities.
Time and resources are crucial. Now that the federal government is renewing the focus on government agencies and organizations with strengthening their cybersecurity infrastructure, the pressure is on. And this is where cybersecurity asset management comes in.
Cybersecurity asset management platforms track all devices, cloud services, software, and users no matter where they’re located. All of this helps minimize the attack surface.
The top platforms like Axonius — which is an officially listed CDM tool — do this by leveraging existing IT and security tools. These platforms discover managed and unmanaged assets, enabling teams to continually conduct up-to-date inventory in real time. They provide IT and security professionals with the capability to automatically validate security controls and discover security gaps. Teams can customize triggered actions when an asset or user deviates from policies..
The best platforms provide comprehensive asset visibility to strengthen Zero Trust architectures. Teams can initiate and manage their asset inventory tasks in the background, effectively moving away from the repetitive, manual tasks to be even more proactive.
