Cybersecurity is Fundamental for Modernizing Government
Digital transformation is a strategic initiative of the federal government and has been for years, but adequate funding has never been appropriated. Digital transformation is essential within all areas of government, to deliver services faster, more reliably, and securely. In order to keep up with the global expansion of digitalization, government agencies must modernize their IT and security infrastructure. This realization has led to an increase in funding opportunities with the formation of grants like the Technology Modernization Fund (TMF).
The TMF was authorized in 2017 to provide funding and technical expertise for approved projects. TMF received $1 billion in the American Rescue Plan in January 2021 to fund modernization projects. To access TMF grants, government agencies must submit their project proposals to the Technology Modernization Board for review and go through a two-phase approval process.
The increasing need for secure digital transformation
Security threats from nation-state and non-state bad actors are escalating and targeting the government’s critical infrastructure. Last year’s attacks are examples of why we need to harden our government’s security posture. The SolarWinds attack targeted large enterprises and top government agencies and exposed sensitive data. The critical infrastructure failure in Texas’ electric grid left millions without power and water for days. Florida suffered an electronic breach into the water supply infrastructure where someone illicitly gained remote access to the system and added high levels of lye into the water.
The Biden administration has called upon Congress to launch an ambitious effort to modernize and secure federal IT infrastructure. The administration’s new TMF budget request has targeted $9 billion, of which CISA would receive an additional $690 million to increase cybersecurity across federal civilian networks.
TMF funding is important, but it’s no guarantee
Digital transformation funding is important, but there’s no guarantee the TMF funding will pass, and agencies need to implement solutions today. Even well-funded cybersecurity efforts, if poorly executed, can make government agencies complacent. High risk areas can easily be overlooked, when agencies incorrectly assume protection exists. Effective cybersecurity requires knowledge of every asset, processes that are tested and proven, and multi-layered security that is unified within a single view for deep visibility and intelligence correlation.
It’s all about mitigating risk
While modern technology to secure government assets is available today, the truth is, many agencies still have outdated technology incapable of supporting modern advances. Agencies with antiquated operating systems and hardware have difficultly moving forward with today’s new and innovative technologies. This, along with the increasing cybersecurity risks, is why the Biden administration is calling on Congress to launch the most ambitious effort ever to modernize and secure government IT infrastructure.
Traditional cybersecurity concepts are still important and are needed for good hygiene. However, we need to understand at a more fine-grained level all of the IT and network infrastructure components, including elements within agency supply chains. This is evidenced by the SolarWinds attack, that revealed the limitations in our understanding of assets connected to our networks, and how patches are tested, sandboxed and applied. To mitigate risk and ensure reliable protection of government assets, we need to know exactly where, and what, the components are across the enterprise, down to the firmware and chipsets.
It sounds daunting, but we have solutions that do this. It’s a technology problem that requires technology solutions. It is about discovering, managing and controlling assets enterprise-wide, and applying risk management principals around them. This is where information technology asset management, or ITAM, solutions become important. They discover and identify all assets and reach back to the manufacturers to enrich the data based on device models and serial numbers. ITAM enables government agencies to discover, identify, manage, authenticate, and validate every device across their enterprise.
Cybersecurity policies and processes that are ambiguous and insufficiently defined, along with siloed and disjointed technologies, pose great risks. Detecting new users and devices connecting to the enterprise, interrogating them, and determining the risk before granting access to data and resources is crucial. Understanding, at a more granular level, the components, chipsets, memory, firmware, and software that comprise every part of the enterprise is how threats are mitigated. New software and applications should be quarantined within a sandbox, with conditional access granted only to data and resources based on a risk score or assessment.
Know your assets and apply policies to enforce protections
To control and limit access, effective asset management and policy enforcement requires risk mitigation and scoring of authentication and authorization processes. Management of the everywhere enterprise is complicated, with expanding security perimeters, diverse hosting environments, and users and devices accessing from anywhere. Binding together the users, devices and credentials is what encompasses an identity, and what defines, limits, and controls access to government assets.
The United States’ transportation infrastructure of roads and bridges are inventoried and graded based upon the level of need for repair or replacement. The lower the grade, the higher the risk. By inventorying and grading this critical infrastructure, we know what needs to be done, and how to prioritize the work. The U.S. government’s technology modernization needs to focus on the same things, by understanding and inventorying diverse and distributed assets. We can determine what the assets are, and their risk factors, and apply policies to prioritize against risks.