Following recent cybersecurity attacks that may have revealed secrets and critical information to Russia, the U.S. government is scrambling to reinforce the nation’s cyber defenses. Because the attackers had access to the data and emails of at least nine U.S. government agencies, officials are worried that future hacks could target or damage critical infrastructure. Now realizing that federal agencies lack the proper tools and budget needed to counter sophisticated threats, officials are searching for ways to better protect critical information.
For starters, a wave of spending is likely upon us. At a White House briefing on Feb. 17, 2021, the deputy national security adviser for cyber and emergency technology Anne Neuberger said, “It’s [the attack] really highlighted the investments we need to make in cybersecurity to have the visibility to block these attacks in the future.”
But what about now – how can federal agencies better protect critical information today? It starts by actively preventing threats at the source. Here we detail a few of our favorite government-qualified tools to target top threats:
- Ransomware protection: Notorious for many recent and disastrous federal cyberattacks, ransomware is an ever-evolving form of malware that has become increasingly prevalent in local, state and national agencies. To beat the increasing sophistication of these attacks, you need to invest in advanced network security tools that grow and learn alongside your network. Ransomware protection, like everything else, benefits from a layered security approach: we help our gov clients properly segment and control data paths to prevent the spread of malware; we specify best-of-breed endpoint security solutions (EPP and EDR); we work to prevent malware entry through email and train end users on security and phishing attack prevention; we help with hardened backup solutions; we architect with NAC microsegmentation and ZTNA; and for a subset of federal orgs, we offer our SOC-as-a-Service with full Managed Response and Detection including automated containment.
- Authentication: The onset of remote work has exacerbated security challenges across the government sector. One challenge that has been heightened by remote work is authentication. MFA offers an added layer of protection that prevents attackers from gaining malicious access via user credentials by requiring additional details from the user. Different 2FA/MFA solutions meet different needs, and we work with several providers as well as offer services to configure critical network assets and remote access for MFA.
- Endpoint protection: According to IDC, endpoints are the origin point for 70% of successful breaches in government agencies. That’s huge – employees working remotely increase the threat surface through the endpoints they use and how they use them. Luckily, you can improve endpoint security by deploying EPP and EDR, which extend “LAN-ish” and datacenter-grade security out to the edge. With today’s next-gen endpoint security solutions, we help gov clients layer on additional security with malicious activity detection and extend critical security functions typically found in firewalls and gateway appliances to each user’s laptop – wherever they may be.
Where do we go from here? On a national scale, President Biden announced that he plans to release an executive order that will include nearly eight measures intended to address security gaps exposed by the SolarWinds hack. He also proposed expanding CISA’s budget by 30 percent.
In the past few months, lawmakers created a national director of cybersecurity position and granted CISA increased authority to hunt for threats across civilian government agencies. Previously, the agency had to be invited.
As cybersecurity remains a topic of discussion across the government sector, we’re here to answer your questions and ensure your organization is equipped to handle the current landscape.