As discussed in part one of my blog series, cyber metrics are a key component of federal cybersecurity that identifies and solves the most significant cyber challenges. Additionally, the collection of metrics allows leaders to look at cybersecurity in a holistic perspective and better pursue strategies such as the National Cybersecurity Strategy, which identifies several cyber pillars.
While developing cyber metrics, it’s important to make sure the underlying processes for gathering and analyzing the data are up to handling the task. Forward-thinking federal IT leaders will already be thinking about how these four steps can help:
- Leverage new technology. New devices are not only more powerful than those they replace but they often perform more functions as well. One new security device can replace up to a dozen different security tools and perform some IT or networking functions. This enables a “common data” and a shared “single pane of glass” that not only simplifies administration and operation across security, IT, and Operational Technology teams — it can facilitate having a common basis of measurement as well.
- Embrace AI-driven automation. Artificial intelligence (AI) and machine learning (ML) continue to transform security by providing the processing power for real-time detection and response across the complex internal and external attack surface of agencies. Much of this power is “baked in” to the products and services, but stand-alone AI and ML cyber tools can both help agencies close the skills gap and workforce shortage they face and ensure that they are applying the same standards and approaches across their agency.
- Deploy a CSMA. Gartner coined the term “cybersecurity mesh architecture” (CSMA) to describe the emergence of collaborative tools that manage cybersecurity from a single platform of interoperability — even when solutions from different vendors are being used. This type of integration is critical for security as it means there is a common format and potentially a single repository for data and analysis that can be leveraged for measurement and performance metrics.
- Find a trusted partner. Most of the innovation in creating and fielding practical cyber solutions comes from the private sector. Likewise, much of the innovation in generating metrics comes from private-sector organizations. Especially as technology advances ever-faster, agency leaders should have a formal or informal set of trusted advisors from both the public and private sectors to help them understand cyber best practices and lessons learned.
With those recommendations in mind, it’s not hard for government leaders and security teams to frame a viable approach to measuring and ultimately to driving focused improvement to their cybersecurity posture.
Cybersecurity isn’t getting any simpler or any easier. Threats are evolving, technology challenges such as AI and device proliferation abound, and citizen expectations of secure and accessible online government services are growing.
Government cybersecurity must be adaptive, and part of this means understanding what is working, what is not and how to fix it. There is no better time than now for agencies to embrace metrics over measurements. It takes a shift in mindset and a bit of cultural change, but the results are well worth the potential disruption. The security and reliability of federal networks and systems are a vital part of national cyber resilience.
Jim Richberg’s role as Fortinet’s Field Chief Information Security Officer for the Public Sector and Vice President of Information Security leverages his 35 years’ experience leading and driving innovation in cybersecurity, threat intelligence, and cyber strategy.
Before joining Fortinet in 2019, he spent 20 years at the CIA before joining the Office of the Director of National Intelligence, where he served as the National Intelligence Manager for Cyber, the senior Federal Executive focused on cyber intelligence within the US Intelligence Community. He led the creation and implementation of cyber strategy for the 17 departments and agencies of the IC, set integrated priorities on cyber threats and served as Senior Advisor on cyber issues. He also helped create and implement the whole-of-government Comprehensive National Cybersecurity Initiative (CNCI) under Presidents Bush and Obama.
Leave a Reply
You must be logged in to post a comment.