3rd Annual Gigamon Cybersecurity Summit: Buying Down Risk in Federal Networks
On May 10 in Washington, D.C., our Federal Government team hosted the third annual Gigamon Public Sector Cybersecurity Summit. Headlined by U.S. Rep. Barbara Comstock of Virginia, one of Congress’s leading voices on cybersecurity, and P.W. Singer, bestselling author and modern cyber warfare scholar, the event took a deep dive into best practices and strategies to buy down risk on federal networks.
In addition to thought-provoking keynote speakers, this year’s event featured two panels composed of eight public and private sector experts representing organizations such as the National Institute of Standards and Technology, the U.S. House of Representatives, the Department of Homeland Security, Liberty Group Ventures, Booz Allen Hamilton and Parsons to explore the operational side of buying down risk and the role policy and regulations play.
Public and private sector attendees came to participate in the workshops, connect with strategy resources and network with peers. Below are some of the highlights and emerging themes from the presentations and conversations on the challenges the federal sector faces in cyber defense and the strategies it must adopt.
The Surface Area for Cyber Attacks and Breaches Is Only Growing
“We find ourselves today at a place where we are almost at breach fatigue, but where do we see cyber risk when we look to the future? Will we learn to live with the breaches and move on, do we see the risk going away or do we see it worsening?” began Gigamon CTO Shehzad Merchant, as he set the stage for the event.
Both keynote speaker Singer and Merchant emphasized that attacks of a larger scale are inevitable, due to the increased use of IoT (Internet of Things) devices. The rapidly growing number of IoT devices exponentially increases the surface area for an attack, requiring not only more advanced defense techniques, but tactics to prevent high-risk infiltrations altogether. Failure to do so no longer results in attacks just on data and information, but now also on flesh, blood and steel.
These tactics can be encapsulated as “buying down risk,” and include basic hygiene such as firewalls and segmentation, combined with machine learning to build context and triangulate intent before traditional enforcement ever becomes necessary.
“There are a lot of tools within government that are aimed at anticipating where the problem is going, but it’s as much about learning from the past as it is projecting into the future,” said Kiersten Todt, managing partner of Liberty Group Ventures LLC.
Todt was adamant that we need a cultural shift to how we face security — not as just a compliance checklist, but instead as priorities that we create and constantly evaluate by asking the question: “What actually works best for my organization?”
“Taking advantage of the capabilities of technology to allow for automation is very exciting and shows great potential. Those are the controls that are easy to monitor and it becomes a lot easier to evaluate,” said Adam Sedgewick, Senior Advisor, ITL, NIST. “In many ways the enemy [of cyber security] is complexity. We need to understand, manage and address the risk.”
Profit-Motivated Actors Will Use Ransomware for Even More Insidious Attacks in the Future
Previously, the primary danger of a cyberattack was the information inadvertently exposed to the intruders, which they could then leverage for their own financial gain. With the advent of crypto-malware, the major concern after an intrusion is no longer limited to the theft of saleable data; it now also includes losing access to one’s own information, as seen in the attacks earlier this year on the City of Atlanta and Baltimore’s 911 dispatch system.
Event keynote speaker Singer highlighted that threat actors are now profiting more than ever, with the average take per victim at $1,017 in 2018, up from just $294 in 2014. Singer emphasized that even more insidious attacks loom, and he believes that more advanced threat actors will shift from holding data hostage to holding machines needed to operate systems hostage.
For example, consider ransomware that holds hostage a car travelling at 65 mph on the highway, or a loved one’s IV or heart monitor in a hospital. As ransomware begins to take new forms and reach more critical operating systems, waiting for patches could be disastrous.
The Risks in Our Shifting Cyber Landscape Will Inevitably Drive Policy Changes
As organizations and agencies increasingly integrate connected devices into their networks, the way we manage attacks and the politics of cybersecurity must change with our tactics as well.
One instance of technological advancement necessitating policy change is the “Security Dilemma,” which Merchant described as a dilemma that federal actors will increasingly face. In this situation, as nation-states naturally begin to take measures to boost their security, the actions one state takes to heighten its own security can lead other states to respond in kind, escalating tensions and creating conflict even when no side really desires it. This behavior creates the political climate for a new kind of arms race.
From a policy perspective, Rep. Barbara Comstock stated that Congress is focused on stronger infrastructure, providing more resources and money for the states to have improved cybersecurity.
This year’s summit was teeming with industry insights, observations from brilliant thought leaders, and technical expertise from attendees and speakers alike who are defining the future of our nation’s security landscape. Thank you to all who attended and sponsored the event, and if you couldn’t join us, we hope to see you at our next Cybersecurity Summit. For a full list of Gigamon events, visit the Gigamon events page.