Cyber Resiliency Lessons from the White House’s National Cybersecurity Strategy


By Matthew Oostveen, Vice President and Chief Technology Officer, Asia Pacific & Japan, Pure Storage

The United States is generally acknowledged to have one of the most robust cybersecurity postures, so when the White House updates its National Cybersecurity Strategy (NCS), organisations anywhere in the world should take notice and see what they can learn to bolster their own cybersecurity systems.

The updated NCS includes initiatives to address emerging threats and realign incentives to favor long-term investments in cybersecurity and resilience. The updated strategy also aims to bolster critical infrastructures, with an increased emphasis on sector-specific cybersecurity measures for healthcare, education, and public works infrastructures such as wastewater systems.

With so many fronts in the war against cybercrime, the best and most important place to start will almost always be your own data center. Let’s unpack the NCS and what you can do to leverage its guidance and support.

New Threats Require New Defenses

Many of the report’s objectives are in response to technologies that could prove to be double-edged swords in the wrong hands:

⦁ Artificial intelligence, with tools like WormGPT just scratching the surface of what AI will do in the wrong hands.
⦁ Quantum computing, with “the potential to break some of the most ubiquitous encryption standards deployed today.” The National Security Agency (NSA) aims to “prioritise the transition of vulnerable public networks and systems to quantum-resistant cryptography-based environments and develop complementary mitigation strategies to provide cryptographic agility in the face of unknown future risks.”
⦁ IoT devices, which will be subject to a voluntary cybersecurity labeling program to develop the “smart grid of the future” and incentivise manufacturers to meet higher cybersecurity standards.
⦁ Smart, connected digital supply chains. One initiative includes providing access to and use of supply chain risk assessment tools along with professional analytic support services to identify, assess, mitigate, and monitor supply chain risks.

The strategy also addresses ransomware further, promising global collaborations to dismantle ransomware and state-sponsored cyber espionage.

An Important Spotlight on Critical Public Infrastructure

The pipeline disruption of 2021 taught the US government a valuable lesson: Taking out one critical infrastructure provider can have a devastating ripple effect. The first pillar of the new NCS includes new mandates that infrastructure providers, including water, power grids, rail, and pipelines, must meet a baseline of cybersecurity standards.

Even if your organisation is not among those in the public sector, it’s an approach worth emulating. Now is the time to be vigilant and take steps to protect the assets most important to your business.

Pillar 1: Defend Critical Infrastructure

Critical infrastructure, including aviation, rail, oil and gas, waste and water, and energy, plus their third-party providers, has been making headlines in cybersecurity. It’s a priority in the NCS, which will require mandatory compliance with updated frameworks from the National Institute of Standards and Technology (NIST), the Cybersecurity and Infrastructure Security Agency (CISA), and more. Close public-private collaboration is a primary objective of this pillar, designed to drive the development and adoption of software and hardware that is secure by design and secure by default.

Pillar 2: Disrupt and Dismantle Threat Actors

The administration has vowed to use “all instruments of national power,” including adversarial takedown and disruption campaigns that target malicious actors. The strategy specifically discourages companies from paying any ransom and encourages them to implement a resilient architecture with secure backups.

This is encouraging, but organisations themselves also need to stay on the offensive, not just the defensive. That comes from knowing who attackers are and what they’re after, and from having total visibility into a data estate with advanced anomaly detection. To do your part, you’ll want fast, accurate, accessible security logs; a SIEM with powerful underlying storage technologies so ingest is never a bottleneck; and backup plans for the forensic process.

Pillar 3: Shape Market Forces to Drive Security and Resilience

A key theme in the strategy is reducing the onus on individuals and small businesses as the attack surface area continues to expand with third-party providers and software as a service. Enforcing more and better data compliance and privacy policies will help hold “sellers of software and hardware liable if they fail to employ recognised security development practices.”

Pillar 4: Invest in a Resilient Future 

Investing in resilience includes: 

⦁ Reducing vulnerabilities in foundational technology — including critical infrastructure such as storage, which should be capable of tiered backups, SLA-based recovery guarantees, immutable snapshots, and fast recovery times.
⦁ Strengthening and securing the open source software ecosystem to reduce vulnerabilities from third-party software providers.
⦁ Digital identity solutions with the “right” controls to limit or prevent compromise from non-human identities and accounts.
⦁ Deploying a clean energy infrastructure to build in another layer of resilience from increasing energy costs and outages — in line with government decarbonisation goals.
⦁ Quantum-resistant cryptography with post-quantum algorithms.

This adds up to one critical concept: a tiered resilience architecture. A resilience architecture can protect your entire data estate and is the best way to have every chance at recovering after a security event.
