The cyber challenges agencies face minute-by-minute, hour-by-hour and day-by-day will not decrease anytime soon.
The latest statistics say in fiscal 2017 agencies endured 35,277 cybersecurity incidents, which is a 14 percent increase over the 30,899 incidents that agencies reported in 2016.
Of those 35,277 incidents last year, only five reached the threshold of “major incident” due to their impact.
But as the Internet of Things or connected devices become more prominent, agencies face a greater risk of having more major incidents.
Philip Quade, the chief information security officer for Fortinet, said because of the growing use of IoT devices, agency cyber executives and other leaders should pay more attention to the ever-growing integration between information technology (IT) and operational technology (OT).
Quade, a former NSA director’s special assistant for cyber and chief of the NSA Cyber Task Force, said that at one point in time OT, which covers technology hardware and processes in the critical infrastructure sectors like valves on oil and gas pipelines or electricity as it flows through the wires, was much different than IT because the systems and networks were not connected to the public Internet.
But as the “air gap” defenses around this hardware and these processes have gone away, and the government’s dependence on critical infrastructure grows, he said more and more CISOs, chief information officers and other non-IT leaders need to lead an effort to secure operational technology.
“The first step I would take in a public-private collaboration is information sharing. What is the situational awareness on the privately-operated critical infrastructure and what is the government seeing from their perspective on a threat or vulnerability side based on their own research,” said Quade on Ask the CIO Industry Insights edition. “Standards also would be part of the solution, but not the first step.”
Just recently, the Energy Department, particularly Idaho National Laboratory, which has a center of excellence performing research on vulnerabilities of OT, started to bring a greater focus to OT, releasing a multi-sector cyber strategy to protect the electric grid.
Quade said because there are 17 critical infrastructures and each federal department has a different role in supporting those sectors, the government and private sector need to work together more closely.
One solution to the integration of OT and IT is what Quade called a practical “cyber moonshot” to create a national counter-distributed denial of service (DDOS) program.
“The situation today is that each organization, whether it’s the federal government or a private sector organization, an entire country may pick on them and do a DDOS attack. They are left trying to set up a defense against a whole country and that’s not a fair fight, and it shouldn’t work that way,” he said. “What if the country decided to set up a national counter DDOS capability that could be used no matter who needs it? It would be some combination of public and private sector. The carriers could help with the bandwidth problem. A second piece of it would be some companies who are really good about segmentation to segment off the assets or even the attacker. And lastly, it would probably involve the U.S. government. The U.S. Cyber Command might be a great place to do a mitigation upstream in foreign cyber space.”
Quade said this would benefit all organizations both by reducing the cost of defense and by creating the “muscle memory” where the public and private sector learn to work together to take on cyber problems.
Phil brings more than three decades of cyber, security and networking experience working across foreign, government, commercial and critical infrastructure sectors at the National Security Agency (NSA). As Fortinet’s CISO, Phil serves as a strategic consultant to Fortinet’s C-Level customers and partners, has responsibility for Fortinet’s enterprise and product security, and leads strategy and expansion of Fortinet’s Federal and Critical Infrastructure business. Prior to Fortinet, Phil was the NSA Director’s Special Assistant for Cyber and Chief of the NSA Cyber Task Force, with responsibilities that included foreign intelligence, Defense Department security, the White House relationship and critical infrastructure engagement. Previously, Phil served as the Chief Operating Officer of the Information Assurance Directorate at the NSA, managing day-to-day operations, strategy, and relationships in cybersecurity for classified systems. He held a variety of roles earlier in his tenure at the NSA, including as the head of the Information Operations Technology Center’s Advanced Technology Group, as a professional staffer to the U.S. Senate, at the Office of the Director for National Intelligence, and as cryptanalyst, developer, evaluator and computer scientist.
Jason Miller is an executive editor and reporter with Federal News Radio. As executive editor, Jason helps direct the news coverage of the station and works with reporters to ensure a broad range of coverage of federal technology, procurement, finance and human resource news. As a reporter, Jason focuses mainly on technology and procurement issues, including cybersecurity, e-government and acquisition policies and programs.