The litany of security vulnerabilities this testing will reveal need to be addressed, and quickly. There can be no “risk acceptances” here—these vulnerabilities pose a real threat to the security of our country and the government needs to treat them as such.
Finally, the military analogy holds for ongoing testing and training exercises. Government security teams need to “train the way we fight” and continually hone their defensive skills. Offensive security advances (the bad guys) have long outpaced defensive countermeasures. Unless we start doing things differently, this will be the case for years to come. There’s no better time than now to change the game.
Educate, Educate, Educate
Government education programs must place a greater emphasis on computer science, engineering, and cybersecurity. Education is central in acknowledging, confronting, and reducing the threat that cybercrime poses to the government and, but virtue of that, to the rest of the country. The new administration should take seriously the measures provided by the Federal Cybersecurity Workforce Strategy and its dedication to education.
Recognize the Threat Isn’t Only External
Foreign nation states, shadowy hackers, and cyberterrorists aren’t the only ones trying to steal or destroy our data. Insider threats are just as likely to be guilty of wrongdoing as these external malefactors.
A thorough defense-in-depth program needs to account for all potential bad actors; insider threats require a different type of approach to detect and counter.
Embrace the Five Eyes
Information threats span the globe. We need to build greater cooperation with the other “Five Eyes” countries— Australia, Canada, New Zealand, and the United Kingdom—and expand programs in cybersecurity collaboration to include training, education, and testing. A multinational taskforce could more fully take advantage of the resources each nation brings to the table.
It’s Time to Act, Sooner Than Later
The security and technology landscape is not standing still for anyone, even the President of the United States. We recognize the President-elect has many issues that are equally pressing and important to tackle. However, we can’t stress enough just how important it is for Mr. Trump to show cybersecurity leadership at this time. It wasn’t a major plank in any of the election platforms, but it needs to be a key area of focus in this next administration before an attack happens that cripples the nation.
That power is there but so is the power to take a positive stance against it. That’s our greatest wish—Mr. Trump, please take this issue seriously. The fate of our nation truly depends on it.
Keith Lowry is Senior Vice President of Nuix. Chris Pogue is Chief Information Security Officer at Nuix.
This article was first published at Nuix.
If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our digital newsletters!
Really great news!!! this information is well worth looking everyone. Good tips. I will be sharing this with all of my friends! Thank you for sharing valuable information.