Lessons from U.S. CyberWeek: Why cyber security is a team sport

As we continue to follow U.S. CyberWeek 2020, the focus today was trust, collaboration and securing the cloud. Experts from government and industry shared their insights on topics that not only impact the United States, but the world over. The key lessons? Information sharing, both interagency and agency to industry, is an essential factor in securing our borders and organisations. And securing the cloud is key in an era of “deperimiterisation”. Here are some highlights from today’s discussions.

The FBI’s new strategy: Stronger together

It’s no secret there’s been a serious disconnect between how disparate federal agencies collect and manage cyber treat information, both from an interagency standpoint and out to the private sector. The U.S. Federal Bureau of Investigations (FBI) presented its new strategy to build trust and create transparency both with their counterpart agencies and with the private sector. Uniting with other federal agencies to form common cyber security messaging to the public is an important part of this initiative. It was formed out of the realisation that disjointed cyber messaging left the public feeling confused and anxious about what the threat landscape looked like. And let’s be honest, the threat actors were banking on the citizens’ ignorance when they looked for targets.

With this new strategy, the FBI can bridge the gaps in public awareness imposing risk and opposition to adversaries. Relying heavily on long-term trusted relationships, it’s intended to foster a two-way dialogue between the government and the private sector, promoting a stronger culture of security across the nation.

Sharing threat intelligence, one community at a time

When it comes to intel sharing, the FBI is not the only player in town. The LA Cyber Lab, a public-private partnership providing cybersecurity education and support to the local community, has proven to be an incredible resource to the Small and Medium Business (SMB) community in the Los Angeles area. According to Glenn Haddox, President of the LA Cyber Lab, cyber security is a team sport. The organisation puts a localised lens on cyber information sharing, intended to provide local businesses a greater understanding of the threat landscape and how cyber alerts fit into the context of their businesses and community. The LA Cyber Lab provides information and actionable steps for businesses and citizens to take to protect themselves against current cyber threats. Information sharing scales by communities investing in these kinds of services for their local business to rely on, and then those communities connecting to others with similar services. The vision of this program is to create operational and strategic threat intelligence sharing across the globe, one community at a time.

Accelerating public sector transformation through the cloud

As was mentioned in the talks yesterday surrounding Zero Trust, the global pandemic has accelerated the need to transition to cloud-based solutions. According to Rajiv Gupta, SVP of Cloud Security Business Unit at McAfee, cloud solutions improve agility, operational effectiveness and scalability. The use of cloud services in both the public and private sector has grown exponentially with the manufacturing industry seeing a 144% increase in cloud services from January to April 2020. This business transformation has also expanded the landscape vector and increased the velocity at which threats occur. The transportation industry has seen a 1,350% increase in cloud threats during that same period. Adding to the increase in threats is the increased use of unmanaged device traffic (personal smart phones, computers, and tablets) spawned from the WFH environment.

The era of “deperimeterisation”

The notion of “deperimeterisation” coined by Paul Simmonds, a member of the Jericho Forum, has become the term of the year. Borders have all but disappeared and so has the traditional methods of access control to data. Enter Zero Trust Architecture: trust no one, verify everything, and provide the minimum viable permissions. CISOs need to not only protect the front door and the back door of their data sets, but also know where all side doors are. Cloud-based collaboration tools, such as Microsoft Teams, are trusted apps being used globally to store and share files. However, other custom applications are being used for the same purpose throughout organisations and understanding how people access the data and how it’s processed in those applications is key. It’s important to understand that data leaks can come from any of the “doors” that provide access to information.

Securing the cloud

Adopting a cloud environment isn’t, however, an insurmountable task. Here are some actionable steps CISOs can take to secure cloud applications:

  1. Perform a risk assessment: Include stakeholders from all departments to get a clear understanding of all cloud applications being used in your organisation. Ensure there’s executive management sponsorship by demonstrating to them the long-term benefits of the program.
  2. Identity management: Implement an identity management program that fits your organisation’s operations. Utilise built-in multi-factor or adaptive authentication features.
  3. Work with trusted partners: Automation of security functions is important.
  4. Align your organisation with trusted partners who share in your culture of security.
  5. Avoid friction: User experience needs to be positive throughout the process of data usage.

The “cloud” is the glue that is binds agencies and organisations together for real-time data sharing. It’s efficient, cost effective and has changed the way that we look at solving problems and doing business. The cloud is the real hero in this pandemic. It gave organisations the opportunity to pivot and adapt to extraordinary circumstances while keeping business operations going.

Check back tomorrow for more updates from U.S CyberWeek 2020. Daltrey.com/blog/