One year after the Biden administration announced the Executive Order on Improving the Nation's Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA) Executive Assistant Director for Cybersecurity Eric Goldstein outlined the agency's priorities for 2022 and beyond.
In the elevated global threat environment, there are several steps that security leaders can take to protect their organizations' information systems. Goldstein highlighted the following priorities in a webinar hosted by Billington CyberSecurity.
1. Maintaining necessary information and resources to manage cyber risk
According to Goldstein, every organization in the U.S. needs access to threat intelligence and cybersecurity services.
"Many organizations are what we often call 'target rich, but resource poor,'" said Goldstein. "They may be targeted by advanced adversaries, but can't always afford, at least in needed timeframes, these sorts of controls and other mitigations that are needed."
Goldstein highlighted CISA's Shields Up initiative as a source of national cybersecurity threat intelligence, as well as the agency's list of free cybersecurity services, both of which can help organizations with fewer resources protect their vulnerable attack surfaces.
2. Building public-private security partnerships
Log4j and the cyberattacks connected to the Russia-Ukraine conflict have brought the need for collaboration between government entities and enterprise organizations to the forefront.
Cybersecurity leaders at the National Security Agency (NSA), CISA and the Federal Bureau of Investigation (FBI) Cyber Command are working with security leaders at large U.S. enterprises to ensure the cybersecurity and compliance of the private sector.
3. Developing a proactive cybersecurity strategy
Key to cybersecurity defense is mitigating cyberattacks before they happen. The goals of CISA's proactive cybersecurity planning include "actually identifying risks, the worst case scenarios that could affect our country after a cyber intrusion, and then developing proactive cyber defense plans that the government and the private sector can exercise together and execute together to drive down risks before these sorts of negative events happen," said Goldstein.
4. Implementing security by design
As part of the move toward proactive security planning, the cyber field needs to adopt a technology ecosystem that is secure by design, according to Goldstein.
Promoting the use of Software Bills of Materials (SBOMs) and zero trust strategies can help maintain the cybersecurity of information technology (IT) tools. In addition, organizations should aim for "strong software and hardware asset management," said Goldstein.