Between 2019 and 2020, ransomware attacks rose by 62% worldwide and by 158% in North America alone. The sophistication and widespread impact of recent cyberattacks have caused agencies and private organisations to scrutinise their cyber resilience across not only their own organisations but also their supply chains.
Data is under constant attack from advanced adversaries and threats evolving at a pace that traditional security approaches fail to protect. The government is gaining a fuller understanding of the long-term impact on the nation’s cyber posture and what needs to be done to prevent and mitigate future attacks of magnitude from happening.
While the federal government is taking steps in the right direction with the Biden administration’s Executive Order on Improving the Nation’s Cybersecurity and other ransomware initiatives, there is still much more to be done. The partnership between government and private-sector organisations will be critical to ensure the success of these initiatives for improved cyber resiliency across the nation.
These are some common vital steps to protect sensitive data:
- A renewed focus on database security
Perimeter-based security can no longer keep up with today’s changing threat landscape as agencies adopt multi-cloud architectures, employees work remotely and data is further distributed throughout an organisation. It is better to shift the focus to protect the most valuable asset: data.
A data-centric, zero-trust approach will allow agencies to adopt a risk-based model of security with a “never trust, always verify” mindset that secures data wherever it resides. By improving visibility across on-premise and cloud databases, agencies can uncover vulnerabilities, limit user access to sensitive data and get alerts of suspicious activities.
- Assume a breach
Agencies should start by assuming a breach, then determine the next steps to lessen the impact — such as implementing air gaps in the network or adding extra layers of authentication. They should also look to automate cyber monitoring and mitigation capabilities with proactive, managed threat detection and response services. Then, for an additional layer of protection, agencies should supplement this with manual testing by skilled security analysts.
- Collaborate across private/public sector
Public-private partnerships with task forces and programs are critical to improving the nation’s collective ability to detect, prevent, mitigate, respond to and recover from cybersecurity incidents. No single agency or organisation can improve national cybersecurity alone, but by working together, government agencies and their managed security service providers (MSSPs) can enable stronger threat detection and ensure the right cybersecurity technologies are in place and used to their fullest capabilities.
- Enable continuous monitoring, mitigation and testing
Advanced threats often remain hidden as they spread through networks in the background. In addition, the increasing number of devices connecting to a network — paired with the ever-changing environments they operate in — make it harder for agencies to detect and mitigate these threats. This is where it is important for agencies to ensure that access rights are constantly adjusted as employees’ roles and data locations change.
With the fast-evolving nature of today’s threat landscape, periodic vulnerability testing and threat hunting are no longer as effective as they once were. As such, in order to maintain full visibility and security, agencies need continuous monitoring, regular threat hunting and ongoing access rights reviews through managed security services.
- Train and retain cybersecurity experts
Currently, there is a global shortage of nearly 4 million cybersecurity employees. With high-profile incidents that require large workforces for response becoming the norm, ensuring adequate cybersecurity expertise is more critical than ever before. As agencies and industries recruit more professionals, they should increase resources and training for cybersecurity programs and partners.
As part of the ongoing response to combat cyberattacks, agencies across the U.S. government announced new resources and initiatives to protect American businesses and communities. As reported by OpenGov Asia, the U.S. Department of Homeland Security (DHS) and the U.S. Department of Justice (DOJ), together with federal partners, has launched a new website to combat the threat of ransomware, StopRansomware.gov.