US Cybersecurity Strategy In The Trump Era

In a few months there will be a new Trump Administration in Washington with an opportunity to update  US national security policies.  So it’s good time to reflect on what  might might be done  differently for cybersecurity.

A quick search on the Internet will reveal many national cybersecurity initiatives. However, given the recent data theft of DNC emails and DDoS attack on Dyn it’s evident that current initiatives aren’t working. The question to ask is why?  The quick answer is that we don’t have a national cybersecurity strategy that everyone can implement.

Click on any cybersecurity initiative you desire and you’ll find comprehensive strategies developed by smart security experts.  While well intentioned the writers make the common mistake of laying out cybersecurity strategies that are too complex for most organizations.  Apart from the top 0.1% of US organizations (financial institutions and intelligence agencies), the 99.9% simply don’t have the resources to implement anything complex.

A workable national cybersecurity strategy needs to be built using simple tasks the 99.9% can implement to mitigate the most common cyber-attacks. For those organisations have a higher threat profile, a cybersecurity strategy should also offer a clear path that steps-up their security posture, when called for. Thus we need a basic requirement that everyone can implement (without exception) plus a step-up path when necessary.

Another challenge in developing a national cybersecurity strategy that uniquely American is that we are an open society where the bulk of IT tasks are outsourced.  Thus cyber attackers know exactly what we’re doing.  A national cybersecurity strategy must be based on verifiable tasks (not secret activities) that reduce cyber risk.

So here’s three things the nation can do to make it less vulnerable to cyber-attacks:

1/ Implement 2-Factor Authentication

Basic: Implementing two-factor authentication is the simplest mitigation against credential theft.  The great thing about 2-factor is there are so many free or low cost solutions out there from mobile phone texts messages to soft client tokens to email verification. So there’s really no excuse not to do this!

Step-up: For those organisations desiring to, step-up from 2-factor, there are new attribute-based access control solutions like software defined perimeter (SDP) that verify device and user identity as well as check for software tampering.

2/ Encrypt Data Stores  

Basic: Application data stores, email servers and collaboration applications should all have their data encrypted.  Ideally the private key must be on a different physical server from the storage unit and should only be assessable with 2-factor authentication.

Step-up: The next step up from encrypting data on servers is keeping it encrypted on user’s devices.  This requires a bit more work, such as issuing and managing device certificates, but makes it more difficult for cyber attackers to get to data even if they compromise the user’s device.

3/ Lockdown Servers

Basic: Scanning for open server ports is a favorite technique of cyber attackers to gain entry to an organization.  Thus closing un-used interfaces is one of the easiest mitigation techniques. This can be done by configuring the internal Firewall on Internet facing application servers.

Step-up: Implement the OWASP Top 10 controls to further insure your Internet facing servers are not vulnerable to front door attacks.  Additionally, locking down internal servers with host-based Firewalls or software defined network (SDN) is also recommended for those organisations with higher risk profiles.

Looking the short “short-list”, you’ll find the recommended tasks have been around for decades.  While not fancy they’re proven to be effective.  More important, there’s no excuse for everyone not being able to implement them!  One can only speculate that if the DNC had encrypted their email storage system and implemented 2-factor how history would be different? Or if stronger authentication would have lessened the DDoS attack on Dyn?

A national cybersecurity strategy is well within our reach. We just need to align available security tools and techniques against the most common threats. There is no reason why this cannot be done.

CTO Vision:    

Donald Trump Has A Plan for CyberWar:      US Has A Strategy To Defend Against Another Massive IoT Attack:

 

 

« AI Needed To Prevent Cyber-Attacks On Healthcare
Artificial Intelligence: AI Fact & Fiction »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Cyberis

Cyberis

Cyberis are pioneers in customer-focussed information security. Since 2011, we’ve been helping businesses protect their brands, customers and reputation.

Security Magazine

Security Magazine

Security, the business magazine for security executives, focuses on management issues facing top security professionals and effective solutions being employed, both physical and cyber.

Optimal IdM

Optimal IdM

Optimal IdM is a leading global provider of identity management solutions and services.

Exprivia

Exprivia

Exprivia is active in the design, development and integration of IT systems including cyber security.

Suprema

Suprema

Suprema is a leading global provider of access control and biometrics solutions.

TUV Rheinland Group

TUV Rheinland Group

TUV Rheinland Group is a testing services company with nearly 145 years of technological experience. We help you to protect your systems comprehensively, proactively and permanently.

Quest Software

Quest Software

Simple IT management for a complex world. Whether it’s digital transformation, cloud expansion, security threats or something new, Quest helps you solve complex problems with simple solutions.

Astaara

Astaara

Astaara is an integrated insurance services and risk management advisory business incorporating cyber risk advisory, underwriting and analytics.

Falcongaze

Falcongaze

Falcongaze SecureTower is a comprehensive DLP solution for the protection of business against internal threats.

Digital Beachhead

Digital Beachhead

Digital Beachhead has the expertise to provide a range of Cyber Risk Management and other Professional Services with specifically tailored solutions at competitive prices.

Everything Blockchain

Everything Blockchain

Everything Blockchain offer solutions that transform enterprise data-management capabilities. Increased efficiency, super-charged performance and all with government grade security.

Aegis Security

Aegis Security

Aegis Security helps clients to secure their systems against potential threats through pre-emptive measures, such as security assessments, and cutting-edge solutions to security challenges.

Polestar Industrial IT

Polestar Industrial IT

Polestar work on both sides of the IT & OT divide. Network, Data & Asset Security is our priority. Polestar installations are robust and resilient and comply with the appropriate security.

RB42

RB42

RB42 (formerly Nexa Technologies) provide cyber defense solutions (ComUnity, secure and encrypted messaging, detection of interception tools, etc) and cyber defense consultancy service.

SequelNet

SequelNet

SequelNet is an emerging MSP, providing 360° business IT solutions and consulting services.

Cloud Native Computing Foundation (CNCF)

Cloud Native Computing Foundation (CNCF)

CNCF seeks to drive adoption of cloud native technologies by fostering and sustaining an ecosystem of open source, vendor-neutral projects.