Cybersecurity: Staying resilient in the face of a cyber breach
The large number of federal employees now working remotely across the nation because of the coronavirus pandemic underscores the importance of protecting the integrity of our government’s information networks. Cyber resilience is paramount even in the best of times, but our current crisis highlights how much mission-critical government work relies on secure and resilient networks.
Too often, however, many agencies consider and manage cybersecurity as a function that is separate from the mission.
Earlier this year, at an event co-hosted by the Partnership for Public Service and Booz Allen Hamilton, Karen Evans, former assistant secretary for cybersecurity, energy security and emergency response at the Department of Energy, contrasted the cyber breach response of two anonymous federal departments. The organizations’ very different approaches illustrated the concept of cyber resilience and highlighted clear lessons learned that apply today.
In these cases, hackers attacked the two departments and compromised their information networks. One department replaced all of its technology hardware with the latest state-of-the-art tools; the other reverse-engineered the cyberattack and figured out how the hacker was able to breach the department’s network.
The latter analysis uncovered other vulnerabilities the department was able to fix, while also taking the time to train employees to identify potential hacks. The former department simply addressed the challenge at-hand and did not holistically address the underlying risks.
The goal for federal agencies should be to create cyber resilience by shifting the mindset from response and recovery to detecting and protecting systems for the future, Evans said.
Assuming breaches will happen, agencies’ cyber resilience should prioritize detecting bad actors and mitigating future attacks, while continuing to serve the American public with minimal interruptions.
Key event takeaways to help agencies improve cyber resilience included:
- Understand the cyber environments—know what is on the network.
- Manage cyber risks in relationship to mission outcomes—know your critical infrastructure and what is vital to meet mission requirements.
- Prioritize training for employees to help proactively identify attacks.
The Partnership and Booz Allen’s cybersecurity event was part of a series focusing on the newest technologies and related issues. The next event, on June 17, will highlight innovative acquisition methods agencies can use to obtain the technology they need. Sign up for this event at Future Forward: Identifying Innovative Acquisitions to Capture Exponential Value. For more information, please email Madeleine Lowe at [email protected].
Brad Medairy is an executive vice president at Booz Allen Hamilton.