Just over a year after President Joe Biden signed an executive order (EO) aiming to address outdated security models and software supply-chain security, there has been a “renewed focus” on collaborative efforts around securing federal networks, said government officials during a subcommittee hearing this week.
However, federal agencies continue to grapple with overarching challenges in attracting top cyber workforce talent and building up the resources needed to respond to threats, government officials pointed out. At the same time, several lawmakers expressed concerns about agencies meeting the many deadlines set by the EO for implementing various security measures.
“Our nation is at a turning point in cybersecurity, and the executive order helped us make that turn and took important steps toward driving the change we need to see. But we have a tremendous amount of work we still have to do,” said Eric Goldstein, executive assistant director for cybersecurity with the Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday. “There’s more work to do on security and IT modernization across the entire civilian federal branch.”
Government officials agreed that the EO represented a call to action and has since spurred many collaborative efforts. These common goals have centered on making systems more secure by implementing a zero trust model. “Key accelerants” for this effort have been CISA’s zero trust maturity model, a roadmap for agencies to reference as they transition towards a zero trust architecture, and the Office of Management and Budget’s (OMB) national zero trust strategy, which gave federal agencies a firm deadline to implement a zero trust strategy along with various other security measures.
Another top priority has been the implementation of endpoint detection and response (EDR) capabilities across federal civilian executive branch networks, which was one of the security gaps that the U.S. government specifically tried to address on the heels of the SolarWinds attack. Goldstein pointed to the expansion of EDR and CISA’s Continuous Diagnostics and Mitigation (CDM) program as a way for the agency to gain “extraordinary centralized visibility into threats and risks in federal agencies.” The cornerstone of the CDM program has been the rollout of a dashboard that displays data about devices, users, privileges and vulnerabilities, which has been leveraged by 65 agencies so far.
While CISA has only provided EDR capabilities to 15 agencies so far, Goldstein said that currently the agency is in the process of deployment across 26 agencies and they “expect to be underway” at 53 agencies within a few months.
“Not even a year and a half into the executive order, we will have EDR deployments in place underway at over half of the federal government, with more to come,” he said. “The work needs to continue.”
Christopher DeRusha, deputy national cyber director for federal cybersecurity at the Office of the National Cyber Director, and federal chief information security officer for the OMB, said that the EO has attempted both to tackle “root-cause issues” that will take longer to solve, like contract clauses, and to drive significant efforts on security measures with more immediate impact, like multi-factor authentication (MFA) and encryption.
“We picked these measures as the highest measures of priority, in terms of [applying metrics to] them, having engagements with not just CIOs and CISOs, but senior agency leaderships, meeting with deputy secretaries, tracking progress and learning about barriers to success,” said DeRusha.