US Cybersecurity Strategy In The Trump Era

In a few months there will be a new Trump Administration in Washington with an opportunity to update  US national security policies.  So it’s good time to reflect on what  might might be done  differently for cybersecurity.

A quick search on the Internet will reveal many national cybersecurity initiatives. However, given the recent data theft of DNC emails and DDoS attack on Dyn it’s evident that current initiatives aren’t working. The question to ask is why?  The quick answer is that we don’t have a national cybersecurity strategy that everyone can implement.

Click on any cybersecurity initiative you desire and you’ll find comprehensive strategies developed by smart security experts.  While well intentioned the writers make the common mistake of laying out cybersecurity strategies that are too complex for most organizations.  Apart from the top 0.1% of US organizations (financial institutions and intelligence agencies), the 99.9% simply don’t have the resources to implement anything complex.

A workable national cybersecurity strategy needs to be built using simple tasks the 99.9% can implement to mitigate the most common cyber-attacks. For those organisations have a higher threat profile, a cybersecurity strategy should also offer a clear path that steps-up their security posture, when called for. Thus we need a basic requirement that everyone can implement (without exception) plus a step-up path when necessary.

Another challenge in developing a national cybersecurity strategy that uniquely American is that we are an open society where the bulk of IT tasks are outsourced.  Thus cyber attackers know exactly what we’re doing.  A national cybersecurity strategy must be based on verifiable tasks (not secret activities) that reduce cyber risk.

So here’s three things the nation can do to make it less vulnerable to cyber-attacks:

1/ Implement 2-Factor Authentication

Basic: Implementing two-factor authentication is the simplest mitigation against credential theft.  The great thing about 2-factor is there are so many free or low cost solutions out there from mobile phone texts messages to soft client tokens to email verification. So there’s really no excuse not to do this!

Step-up: For those organisations desiring to, step-up from 2-factor, there are new attribute-based access control solutions like software defined perimeter (SDP) that verify device and user identity as well as check for software tampering.

2/ Encrypt Data Stores  

Basic: Application data stores, email servers and collaboration applications should all have their data encrypted.  Ideally the private key must be on a different physical server from the storage unit and should only be assessable with 2-factor authentication.

Step-up: The next step up from encrypting data on servers is keeping it encrypted on user’s devices.  This requires a bit more work, such as issuing and managing device certificates, but makes it more difficult for cyber attackers to get to data even if they compromise the user’s device.

3/ Lockdown Servers

Basic: Scanning for open server ports is a favorite technique of cyber attackers to gain entry to an organization.  Thus closing un-used interfaces is one of the easiest mitigation techniques. This can be done by configuring the internal Firewall on Internet facing application servers.

Step-up: Implement the OWASP Top 10 controls to further insure your Internet facing servers are not vulnerable to front door attacks.  Additionally, locking down internal servers with host-based Firewalls or software defined network (SDN) is also recommended for those organisations with higher risk profiles.

Looking the short “short-list”, you’ll find the recommended tasks have been around for decades.  While not fancy they’re proven to be effective.  More important, there’s no excuse for everyone not being able to implement them!  One can only speculate that if the DNC had encrypted their email storage system and implemented 2-factor how history would be different? Or if stronger authentication would have lessened the DDoS attack on Dyn?

A national cybersecurity strategy is well within our reach. We just need to align available security tools and techniques against the most common threats. There is no reason why this cannot be done.

CTO Vision:    

Donald Trump Has A Plan for CyberWar:      US Has A Strategy To Defend Against Another Massive IoT Attack:

 

 

« AI Needed To Prevent Cyber-Attacks On Healthcare
Artificial Intelligence: AI Fact & Fiction »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Ikerlan

Ikerlan

Ikerlan is an R&D technology centre specialising in areas including embedded systems, industrial automation and industrial cybersecurity.

UK Cyber Security Forum

UK Cyber Security Forum

UK Cyber Security Forum is a community interest group for cyber security companies in the UK.

iONLINE

iONLINE

iONLINE delivers high quality IT services and solutions to businesses in Azerbaijan.

Cog Systems

Cog Systems

Cog Systems offer an embedded solution built on modularity, proactive security, trustworthiness, and adaptability to enable highly secure connected devices.

Tecnalia Research & Innovation

Tecnalia Research & Innovation

Tecnalia is the largest center of applied research and technological development in Spain, a benchmark in Europe and a member of the Basque Research and Technology Alliance.

Cyber Resilience

Cyber Resilience

Cyber Resilience offer an intensive program designed to help you create strategies to quickly become cyber resilient and to manage cyber risks in a measurable and predictable way.

DreamIt Ventures

DreamIt Ventures

DreamIt Ventures is an early stage venture fund that accelerates startups building transformative tech products in the fields of Healthtech, Securetech, and Urbantech.

CyberForum

CyberForum

CyberForum supports businesses from the IT and high-tech industry in all stages of their development: from startup consulting to professional staffing and even location marketing campaigns.

Cigent Technology

Cigent Technology

Cigent keeps the most valuable asset in your organization safe—your data. Our advanced endpoint and managed network security solutions prevent ransomware and data theft.

Extreme Engineering Solutions (X-ES)

Extreme Engineering Solutions (X-ES)

Extreme Engineering Solutions is a leader in the design, manufacture, testing, and support of hardware and software solutions for the embedded computing market.

Silent Quadrant

Silent Quadrant

Silent Quadrant delivers incomparable cybersecurity consulting, digital transformation, and risk management within our purpose-driven clients - empowering them to be the most resilient entities.

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startup Association (ROTSA)

Romanian Tech Startups Association is an umbrella organization that aims to promote, support and represent the interests of tech startups in Romania.

Utimaco

Utimaco

UTIMACO develops on-premises and cloud-based hardware security modules, solutions for key management, data protection and identity management as well as data intelligence solutions.

Leostream

Leostream

Leostream's Remote Desktop Access Platform enables seamless work-from-anywhere flexibility while maintaining security and constant visibility of users.

Cyviation

Cyviation

Cyviation's mission is to mitigate ever-growing and menacing Cyber Security threats, focusing on aircraft, airlines and airports.

SOCRadar

SOCRadar

SOCRadar is an Extended Threat Intelligence (XTI) SaaS platform that combines External Attack Surface Management (EASM), Digital Risk Protection Services (DRPS), and Cyber Threat Intelligence (CTI).