Government agencies face a heightened cyber threat landscape. The pace of cyber attacks is up 600 percent since the start of the pandemic, with attackers looking to exploit vulnerabilities that have emerged with the rise in remote work.
Modernized networking solutions can help to close the gaps.
The Current Risk
In addition to the shift in worker habits, we’ve seen a change in the nature of the adversary. In the past, it took significant resources to launch a cyberattack: Nation-states could do it, as could large criminal organizations. More recently, the bad actors’ tools have become more readily available.
It’s possible to buy a ransomware attack “as a service” these days. That plug-and-play capability has opened up the field, with a wider range of adversaries now able to launch cyber exploits quickly and easily. The rise of the affordable, easy-to-use “turnkey” hack means government systems are more at risk than ever.
While there are many products out there capable of meeting this challenge, agencies may struggle to implement those solutions effectively. Security has to be baked into the architecture from the outset, and must extend seamlessly across the operation. Success here lies not just in having the right solutions, but in using them in the right way.
Government can leverage advanced networking hardware to support a broader, more holistic approach to cyber defense.
A Network-Based Approach
When looking at cyber defense, it makes sense to start with the network, as this is where most cyber exploits originate. By focusing on the network, IT leaders give themselves the opportunity to head off attacks before they can impact mission-critical systems.
IT leaders can focus on configurations, in order to achieve security by default. In this model, the network itself acts to ensure that only “safe” applications and users can gain access. Security products play a role here – solutions such as web application firewalls – but again, the product is not the goal. It’s about using those products in the most effective way possible.
One common mistake, for example, is leaving a switch's default configuration in place. Hackers need only obtain the readily available user manual for that equipment to find potential security gaps. In practice, that means, for example, that IT should leave open only the necessary ports, rather than keeping all the ports open.
IT teams should also take a rules-based approach to connectivity: a layered approach to access that ensures root users, super admins, and admin-level users are all clearly defined, and that those levels of access control are consistently enforced.
Proactive and Responsive Approaches
Network security tools can support both proactive and responsive safeguards.
A key proactive step is the risk assessment. IT leaders need to inform themselves of known threats, and design their networks with those risks in mind. This is not a one-and-done effort: With the risk landscape shifting, a new assessment should be done every six months.
Defenders also can leverage the responsive capability of modern networking hardware – for example by implementing automated alerts to notify IT teams of suspicious network activity. Such alerts can cut response time and help to ensure an attack does not proliferate.
Advanced solutions likewise can automatically screen both the data passing across the network and the devices trying to attach to it. If someone wants to connect a camera in a place where a camera doesn't belong, for example, an intelligent switch can detect and reject that attempt. Such systems can also inspect the contents of a packet to determine whether or not certain traffic is allowed.
How ALE Helps
Alcatel Lucent Enterprise OmniSwitches have been deployed in federal networks for over 20 years without a single security incident being reported. ALE puts its products through real-world trials, including penetration testing in response to the growing cyber threat. But this isn’t just about products. At ALE, security starts at the global level.
This includes Evaluation Assurance Level (EAL 2+) certification, for example, as well as ISO 27000 certification. A newly-formed organization within ALE works to ensure that security is integrated and managed at the organizational level.
This cultural approach to security is a competitive differentiator. From designers to developers, ALE incorporates security considerations at every level, ensuring that cyber protections are intrinsic at every stage, from design through to support.
Vincent Lomba is the Chief Technical Security Officer at Alcatel Lucent Enterprise.
This post was first published June 2, 2022.