The cybersecurity landscape is more complex for federal agencies than for just about any other sector. Federal IT leaders face security challenges from every direction while having to deal with compliance mandates and protect their widespread operations from the most persistent and sophisticated threats in the world.
The truth is that federal agencies bear the burden of an overwhelming security challenge. In fact, a report from the Ponemon Institute stated that more than half of federal IT and cybersecurity practitioners say their agency has suffered a cybersecurity incident that resulted in a significant disruption to IT and agency operations.
“In the federal government, security challenges are exacerbated because of scale, organizational silos, technical debt and procedural red tape,” says Sebastian Szykier, who leads the CDW•G Federal Cybersecurity Practice. “That means it can take them some time to address vulnerabilities. Also, they have a wide attack surface that makes it harder to defend against attacks.”
To build out an effective defense, agencies must understand the different kinds of threats they face. They need situational awareness of where these threats are coming from and how they are evolving.
How to Navigate the Federal Cybersecurity Threat Landscape
As agencies adopt IT modernization initiatives, they’re finding that legacy security architectures aren’t keeping pace with the threats they face. Ineffective security measures leave agencies exposed to a variety of attacks.
The situation is made even more dire by the sophistication of the adversaries these agencies face. A 2022 report from the Office of the Director of National Intelligence noted that U.S. agencies face the threat of cyberattacks from the governments of China, Russia, North Korea and Iran. These nation-states have legions of skilled, experienced cyberwarriors who are trained to take advantage of the weaknesses in their targets’ defenses.
In some cases, the threat extends beyond government systems. For example, Szykier notes that China is not only a geopolitical adversary of the U.S. but also a commercial one. In addition to China’s notorious attack on the U.S. Office of Personnel Management, as well as breaches of the State and Commerce departments, Chinese hackers have been accused of stealing data from commercial targets such as Equifax and Marriott.
How to Prevent Attacks from All Angles
Federal agencies must be able to protect their systems and data from a variety of attacks. These include:
Phishing: In these social engineering attacks, perpetrators fool their targets into actions that compromise an organization’s cybersecurity, such as exposing sensitive data or downloading malware. The Ponemon Institute reports that 62 percent of federal IT and cybersecurity practitioners cited phishing and social engineering attacks among their top cyber risks.
These attacks are particularly dangerous when agencies have unpatched software vulnerabilities or configuration vulnerabilities that attackers can exploit after using phishing techniques to bypass perimeter defenses. The Cybersecurity and Infrastructure Security Agency (CISA) cited phishing-resistant multifactor authentication tools as key to helping agencies defend against these attacks.
Insider attacks: Individuals inside an agency can compromise data either intentionally or unintentionally. Regardless of the motivation, these incidents can be devastating to national security. Notable examples include Edward Snowden, who leaked billions of pieces of U.S. intelligence to WikiLeaks in 2013, and former U.S. Army helicopter pilot Shapour Moinian, who provided aviation-related information stolen from his defense-contractor employers in exchange for money from the Chinese government.
Ransomware: Cyberattacks that encrypt an organization’s data and deny access unless a ransom is paid remain a major threat. Federal agencies must make sure their defenses are effective against these attacks, because agencies generally refuse to pay ransom. “That’s a big challenge for them,” Szykier says. “Any attack that uses a data-wiping technique that impacts the availability of government systems and prevents them from delivering critical services is a major threat.”
CISA and several other federal cybersecurity agencies in May 2023 updated their #StopRansomware Guide, which aims to help organizations reduce the risk of ransomware by providing best practices to detect, prevent, respond to and recover from these attacks.
Reasons Why Zero Trust Is Essential to Federal Cybersecurity
As agencies seek to defend themselves against a variety of evolving attacks, a zero-trust approach to cybersecurity has become an essential part of their defense strategies. In 2021, the White House issued an executive order that directs agencies to move toward a zero-trust architecture.
Agencies face some challenges in implementing this approach and complying with the presidential mandate for zero trust. “They need to have strong governance around how they're going to apply the tools and also maintain the tools,” Szykier says. “They need to be able to measure the effectiveness of their zero-trust strategies.”
Those that meet this challenge will find themselves in a better position to protect their systems and data against cyberthreats.