Today’s agencies have more sprawling IT environments to defend than ever. In the past, cyberdefense meant securing agencies’ network perimeters. However, modern agencies must think beyond their office walls and protect modern networks ranging from cloud computing to remote work systems.
Even worse, the more agencies’ attack surfaces grow, the faster the rate of sprawl seems to increase. Changes like these once took years or months but now take weeks or days. With IT environments ballooning at unprecedented speeds, staying in the loop about the latest cyberthreats, software and vulnerabilities can overwhelm any agency.
Vendors are dealing with the same challenges. Going forward, the public and private sectors will need to defend their IT environments together if they are to stand a chance against the latest cyberthreats.
“It is critical we cooperate better,” said Tim Brown, Chief Information Security Officer and Vice President, Security at SolarWinds, an IT operations management software provider. “Cybersecurity has to be a factor in everything the government does.”
Brown shared three ways agencies can work with private-sector businesses to improve both parties’ resilience.
1. Designate crown jewels
An agency’s crown jewels are the assets critical to its mission. Whether these resources are data, people or something else, crown jewels anchor organizational resilience. If their crown jewels are compromised, agencies cannot function, let alone serve constituents.
“When you’re designing security for an environment, it’s important you can treat someone like an administrator as special,” Brown said as an example. “It’s okay to treat some individuals or applications as special.”
After identifying their crown jewels, agencies can create plans for preventing, detecting and recovering from attacks against these valuable components.
2. Form public/private partnerships
Currently, most agencies leverage a mix of public- and private-sector products and services. At every level, these agencies need to pick vendors that will meet their unique needs for concerns such as cyberthreat detection.
Take intelligence agencies. They may handle data with national security implications, so they may need stronger cyberdefenses than civilian agencies. When picking vendors, these agencies will want partnerships with only the most reputable cybersecurity companies.
“Collaboration is critical for us as a community to move forward,” Brown said. “We need to be open about how software is developed and we believe the recent Executive Order on Federal Cybersecurity and the recent nominations for critical cybersecurity leadership positions are important steps towards achieving a collective and collaborative defense posture.”
3. Build baselines
Baselines are patterns of normal behavior that can help agencies determine unusual, even malicious, activity. Using software tools from providers like SolarWinds, agencies can establish routines for their entire IT environments.
Presently, agencies must govern everything from databases to application performance. Without tools to measure the resilience of these areas, agencies may miss potential disruptions.
“A well-managed environment becomes a secure environment,” Brown said. “Without management, you can never, ever be secure.”
This article is an excerpt from GovLoop’s recent guide, “Bouncing Back: How Your Agency Can Handle Disruption and Embrace Resilience.” Download the full guide here.