Home Civilian based defense Visibility and modernization are the keys to cybersecurity – MeriTalk

Visibility and modernization are the keys to cybersecurity – MeriTalk


As the federal government continues to focus on improving the country’s cybersecurity hygiene, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said on Nov. 18 that the visibility and modernization are the keys to improving the country’s cybersecurity posture.

At Palo Alto Networks’ Public Sector Ignite conference, Easterly said these are two points she and CISA have emphasized in conversations with federal and public sector partners.

“You know, if you can’t see it, you can’t defend it,” Easterly said at the event. “We’re working to really centralize visibility to improve incident detection on federal government networks. … I mean it’s a pretty easy concept to say, “If you can see, you can defend it,” but it’s a lot harder to implement at the end of the day. “

Easterly joked that she often told the head of US Cyber ​​Command, General Paul Nakasone, that he had a “much easier” job of defending Department of Defense networks than the CISA. overseeing the networks of federal civil agencies which constitute a “patchwork” of 102 different federal and tribal people. agencies and departments.

“There’s a lot to be done in determining how we’re going to be able to increase visibility,” Easterly said. “So we do this by instantiating endpoint detection and response capabilities; we do this through our ongoing diagnostic and mitigation program; we are taking advantage of the new permissions we have to allow us to persistently hunt on federal government networks. … And I think this is all going to get us to a better place.

Easterly also highlighted other strategies CISA is putting in place to improve visibility across federal networks, such as moving to a zero trust architecture, looking to focus on object-level data, moving to cloud services. and improve investigation and correction techniques. However, Easterly also noted that modernization will be a big factor in getting the capabilities needed to increase visibility.

“At the end of the day, I just want to measure the expectations a bit,” she said. “It’s a huge job to do. We’re going very aggressively, but a lot of it is about ensuring that the investments are made. “

“Visibility is a word; the other word is modernization, ”said Easterly. “And it’s also going to take a lot of work at all levels. But I’m more upbeat and optimistic about this path forward than I have possibly ever been. “

Source link