Every year brings new opportunities for federal IT professionals to reduce risk by addressing threats—both existing and emerging—with new tools, technologies, and tactics. This year has proven to be a little different, with the emergence of COVID-19 forcing federal agencies to make the jump to remote work. Although the world at large is currently working from home, bad actors from criminals to nation-state actors are still working, too. They’re well aware your staff may be distracted or unable to work as normal.
This is an ideal time to update your cybersecurity plan to enhance your agency’s security posture and achieve mission success for the remainder of the year and beyond. Here are three things in particular that federal IT pros can do to create a lasting difference.
Follow up training with evaluations
Let’s start with training. Effective employee training is a cornerstone of a sound cybersecurity program. Your agency may have already created a security newsletter, hosted brown bag lunch seminars to raise awareness of existing cybersecurity risks, and/or may actively be implementing security training.
Have you considered adding evaluations after completing a training exercise? Far too many training events have finite ends with no requirement for follow-through. Adding post-event evaluations allows you to evaluate the success of each effort. How well was the information presented? How well was it retained? Can you demonstrate the effectiveness of your cybersecurity training effort? Unless you’re capturing retention in the form of quizzes and documenting each training effort with after-action reports, you may be missing the results of your organization’s training efforts.
Automate access restrictions through new tools
Access is another area ripe for attack and, therefore, is a wise focus for enhanced security. Your agency likely has information and applications located in multiple locations across your network. As your network grows more complex, managing access rights becomes more complex, too, especially as employees and their work locations change.
Consider taking advantage of tools designed to automate access restrictions across a network. An automated approach will reduce time-consuming manual restriction methods. It can even apply access restrictions automatically to any number of applications, data stores and devices residing on your network by creating groups and roles managing access programmatically. Once the access control tool has been configured and implemented, don’t forget to enforce multi-factor authentication wherever possible to support effective access control.
Implement multi-faceted security protection
Finally, consider the increasing complexity—and blurring boundaries—of your agency’s network. The network may have components residing in multiple geographical locations and logical segments: on-premises hosting, cloud service providers’ offerings, third-party services and tools, and beyond.
To be most effective, your cybersecurity plan should implement multi-faceted security protection mechanisms designed to secure a complex, growing network. Consider implementing security tools located in each of these disparate segments, especially the security tools provided by your cloud provider. If your network isn’t sufficiently segmented, consider implementing additional segmentation. Segmentation offers the advantage of permitting a federal IT professional to shut down a network segment either under attack or operating anomalously without impacting the function of other network components.
Remember, adversaries remain persistent. The world is currently distracted, potentially making your agency’s network a more vulnerable target. None of the methods outlined above by themselves will mitigate all risks. This said, taken together, each is a solid step toward providing a more secure operating environment and strengthening your agency’s security posture.