US Cybersecurity Strategy In The Trump Era

Uploaded on 2016-11-30 in FREE TO VIEW, GOVERNMENT-National, NEWS-Cybersecurity News

In a few months there will be a new Trump Administration in Washington with an opportunity to update  US national security policies.  So it’s good time to reflect on what  might might be done  differently for cybersecurity.

A quick search on the Internet will reveal many national cybersecurity initiatives. However, given the recent data theft of DNC emails and DDoS attack on Dyn it’s evident that current initiatives aren’t working. The question to ask is why?  The quick answer is that we don’t have a national cybersecurity strategy that everyone can implement.

Click on any cybersecurity initiative you desire and you’ll find comprehensive strategies developed by smart security experts.  While well intentioned the writers make the common mistake of laying out cybersecurity strategies that are too complex for most organizations.  Apart from the top 0.1% of US organizations (financial institutions and intelligence agencies), the 99.9% simply don’t have the resources to implement anything complex.

A workable national cybersecurity strategy needs to be built using simple tasks the 99.9% can implement to mitigate the most common cyber-attacks. For those organisations have a higher threat profile, a cybersecurity strategy should also offer a clear path that steps-up their security posture, when called for. Thus we need a basic requirement that everyone can implement (without exception) plus a step-up path when necessary.

Another challenge in developing a national cybersecurity strategy that uniquely American is that we are an open society where the bulk of IT tasks are outsourced.  Thus cyber attackers know exactly what we’re doing.  A national cybersecurity strategy must be based on verifiable tasks (not secret activities) that reduce cyber risk.

So here’s three things the nation can do to make it less vulnerable to cyber-attacks:

1/ Implement 2-Factor Authentication

Basic: Implementing two-factor authentication is the simplest mitigation against credential theft.  The great thing about 2-factor is there are so many free or low cost solutions out there from mobile phone texts messages to soft client tokens to email verification. So there’s really no excuse not to do this!

Step-up: For those organisations desiring to, step-up from 2-factor, there are new attribute-based access control solutions like software defined perimeter (SDP) that verify device and user identity as well as check for software tampering.

2/ Encrypt Data Stores  

Basic: Application data stores, email servers and collaboration applications should all have their data encrypted.  Ideally the private key must be on a different physical server from the storage unit and should only be assessable with 2-factor authentication.

Step-up: The next step up from encrypting data on servers is keeping it encrypted on user’s devices.  This requires a bit more work, such as issuing and managing device certificates, but makes it more difficult for cyber attackers to get to data even if they compromise the user’s device.

3/ Lockdown Servers

Basic: Scanning for open server ports is a favorite technique of cyber attackers to gain entry to an organization.  Thus closing un-used interfaces is one of the easiest mitigation techniques. This can be done by configuring the internal Firewall on Internet facing application servers.

Step-up: Implement the OWASP Top 10 controls to further insure your Internet facing servers are not vulnerable to front door attacks.  Additionally, locking down internal servers with host-based Firewalls or software defined network (SDN) is also recommended for those organisations with higher risk profiles.

Looking the short “short-list”, you’ll find the recommended tasks have been around for decades.  While not fancy they’re proven to be effective.  More important, there’s no excuse for everyone not being able to implement them!  One can only speculate that if the DNC had encrypted their email storage system and implemented 2-factor how history would be different? Or if stronger authentication would have lessened the DDoS attack on Dyn?

A national cybersecurity strategy is well within our reach. We just need to align available security tools and techniques against the most common threats. There is no reason why this cannot be done.

CTO Vision:    

Donald Trump Has A Plan for CyberWar:      US Has A Strategy To Defend Against Another Massive IoT Attack:

 

 

« AI Needed To Prevent Cyber-Attacks On Healthcare
Artificial Intelligence: AI Fact & Fiction »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Malware.lu

Malware.lu

Malware.lu is a repository of malware and technical analysis. The goal of the project is to provide samples and technical analysis to security researchers.

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Scale Computing

Scale Computing

Scale Computing is an industry leading application platform for EDGE computing environments covering retail, manufacturing, financial services and government.

Information-Technology Promotion Agency (IPA) - Japan

Information-Technology Promotion Agency (IPA) - Japan

IPA is an implementing agency in Japan with a role to address Information Security, IT Systems Reliability and IT Resource Development.

Hedgehog Security

Hedgehog Security

The key objective of Hedgehog is to provide simple, effective and affordable information security improvements that support your drive to increase productivity and profitability.

Massive Alliance

Massive Alliance

Massive is a global service agency providing internet monitoring, data & security threat surveillance and reputation management.

Securepoint

Securepoint

Securepoint is the market leader in the development of professional “Unified Threat Management” solutions in Germany.

Excellium Services

Excellium Services

Excellium’s Professional Services team combines expertise and experience that complements your in-house security resources.

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI)

Cyber Forensic & Investigation (CFI) is recognized as Thailand’s leader in cyber investigations and digital forensics.

Trinity Cyber

Trinity Cyber

Trinity Cyber’s patent-pending technology stops attacks before they reach internal networks,reducing risk and increasing cost to adversaries.

BrandShelter

BrandShelter

BrandShelter specializes in providing online brand protection for companies and trademark owners.

Information Services Group (ISG)

Information Services Group (ISG)

As a leading global research and advisory firm, ISG partners with our clients to determine a future vision, lead rapid change and realize the value of your digital investments at scale.

Triangle

Triangle

Triangle enable innovative business transformation by ensuring critical hybrid infrastructures are optimised, interoperable and secure.

Invictus International Consulting

Invictus International Consulting

Invictus International Consulting are a recognized leader in full-spectrum cyber technology solutions designed to protect the security of our nation's global defense and critical infrastructure.

Q-Bird

Q-Bird

Q*Bird's mission is to provide equipment for the current, and future European quantum internet.

DYOPATH

DYOPATH

At DYOPATH we work with the single purpose of helping our clients combat the ongoing increase of cyber threats, the growth in more complex IT environments, and ever-increasing human capital shortages.