Jul 23 2021

Agencies Must Prioritize Planning for a Cyberattack Before It Happens

Improved communication and collaboration among agencies and vendors is one key to protecting the enterprise.

Cybersecurity concerns often spring from global drivers — a hostile nation-state wants U.S. military intelligence, an overseas competitor is looking for trade secrets, a criminal group with political ties wants to sow chaos on the internet.

But of late, the security issues seem to have become more personal. Ask any of the East Coast residents who sat in gas lines with their tanks on empty after a ransomware attack affected gasoline supplies, or the residents and tourists who had travel interrupted after malware cut down a ferry company’s ability to take reservations.

The frequency is also bringing it closer to home as well — hackers attacked meat processors, schools, water treatment plants and public transit systems in the first few months of this year. But it’s happening so often that citizens find it difficult to keep up.

Cybersecurity expert and former Federal CIO Theresa Payton says, “When the announcement came out that the Facebook data that had been stolen was now available and searchable, and people just said, ‘Yeah, OK,’ I was very surprised at the lack of response. “Everybody’s overwhelmed with life, and this is just one more thing.”

Cybersecurity Vigilance Is Key For Federal Agencies 

But cybersecurity isn’t something that can be shrugged away as simply “one more thing,” especially on the governmental level. The White House confirmed in February, for example, that nine agencies had been compromised in the massive SolarWinds attack via legitimate updates, which was attributed to Russian foreign intelligence. And in March, the Cybersecurity and Infrastructure Security Agency ordered all federal enterprises to update onsite Microsoft Exchange products because of an attack via falsified Microsoft 365 authentication credentials.

Federal officials are still trying to determine the impact of both attacks, and this week the White House attributed the Exchange hack to malicious actors tied to the Chinese government. They are reminders that preparation and vigilance are key when it comes to attempting to prevent cyberattacks.

Close cooperation and communication among agencies, customers and vendors are primary remediation and prevention goals as malicious actors take advantage of the chaos that began in 2020.

RELATED: Zero-trust security depends on role-based access management.

Agencies Should Ask CISA for IT Security Help

In fact, the Biden administration’s executive order on improving the nation’s cybersecurity specifically asks for this kind of cooperation, calling for standardized cybersecurity requirements for unclassified systems; improved communication between agencies and cloud service providers; and new guidance for vendors on testing product source code.

Ben Bourbon
Cybersecurity isn’t something that can be shrugged away as simply ‘one more thing,’ especially on the governmental level.”

Ben Bourbon Vice President, Federal Sales, CDW•G

Agencies may need assistance adapting to the increased pace of these new, more targeted attacks, and as they modernize to keep up, additional third-party products may be on their shopping lists. 

Where can they turn? CISA, of course; the agency is the government’s Cybersecurity Quality Services Management Office, providing shared services to help agencies standardize, upgrade and better integrate their cybersecurity capabilities.

But IT partners and third-party vendors are also valuable resources for cybersecurity aid, because their reputations are as much on the line after an attack as the victimized agencies.

These enterprises have begun focusing as much on solutions and consultation as selling products, guiding federal customers to the best and most secure technology necessary in these troubled cyber times. Those who understand the technology and the products best should ensure that they have a direct line to their federal customers, and be ready to help in case of emergency.

But there’s also increasing awareness that responding to threats is not enough, that being proactive is a better way to protect both the technology and the agency. No agency and no vendor want to be the next to create headlines because of a damaging attack, and no agency wants to see citizen services affected, either.

In these days when U.S. residents are highly dependent on government assistance through emergency loans, stimulus checks and free vaccines, protecting the IT infrastructure that delivers those services is important. Asking for help before trouble strikes is critical.

gorodenkoff/Getty Images