As the new government takes office with the promise of change, this opens new opportunities to improve the nation’s cybersecurity posture. Improving national resilience is no mean feat, so taking a phased approach will be critical. By looking at the challenge like the process of building a house, the government can define the building blocks that are necessary to deliver a robust and resilient nation. The first step is laying the foundation with strategies for a more secure public sector, to then supplement with clear and specific regulations and guidance governing the security of the private sector, and finally maintain the structure for years to come with proactive strategies across both public and private sectors.
Here are a few ways the new government can lay the foundations of a more resilient and secure future:
Starting with the foundation
Building national cyber resilience must start from the ground up. This means addressing the critical systems that keep the wheels turning. Currently, the nation is falling behind in two key areas: i) the dependence on insecure legacy technology, and ii) the lack of security controls and accountability in the extended supply-chains which connect critical national infrastructure (CNI).
Firstly, the government must address the risks posed by legacy IT. With a recent government report revealing that there are 43 legacy IT systems currently at critical risk level, including 11 in the MoD, the urgent need for modernisation cannot be overstated. As ransomware attacks continue to grow in sophistication, aging systems must be updated and secured to mitigate risk and build resilience. CNIs are the foundation on which the nation is built, and your house is only as strong as its foundations.
The next key step for the new government is to secure the extended supply-chains that offer threat actors potential entry points to CNIs. The recently announced Cyber Security and Resilience Bill covers this issue through mandated incident reporting, ensuring full transparency when assessing potential partners. It will be critical for organisations to perform a thorough vetting of third parties that not only covers the cost and quality of service, but also the security posture and maturity of the supplier.
Building walls with best practices and legislation
Cyber resilience doesn’t solely rely on the public sector. Private organisations must bolster their own security to help build up the resilience of the nation as a whole. The reality is that most CNIs are run by private organisations. So, it will be up to the government to provide private sector organisations with the frameworks and guidance required to help them develop robust security strategies, and to hold them to account where they fail to do so.
To mark a step-change in the national cybersecurity strategy, the new administration will need to both encourage best practices and enforce them with robust legislation. The government can set an example for organisations to follow by focusing on building cyber-capacity, skills, and resources for both public and private authorities, and this approach needs to be reinforced with new or updated regulations to hold businesses accountable. For example, mandating regular audits and setting a benchmark for compliance will ensure organisations and their supply chains remain secure to the highest standards for some time to come. Another priority is advocating for CISO representation at board level to help raise security risk as a top priority amongst business leaders. A recent survey suggests that this could produce one of the biggest impacts in bolstering security, since over half of CISOs worldwide said that board-level priority of cyber risk is the main change that would empower them to secure their organisations.
Maintaining structural integrity through proactive strategies
One key point that the new government will need to drive home is that the best way to safeguard against incoming threats is continuous proactivity. The goal of the new regulations will be to force organisations to adopt better proactive security strategies, but the responsibility of implementing and upholding these strategies will ultimately be up to the organisations themselves. Advocating for Zero Trust models and improving visibility will be critical – one can’t happen without the other. With 64 percent of security leaders expecting a Zero Trust mandate in the next couple of years, the importance of starting now to take steps towards network segmentation and reducing inherent trust is clear.
Organisations will need to develop a comprehensive understanding of their infrastructures, ensuring all their security and network tools work in synchronicity. With research showing that 70 percent of CISOs don’t trust the effectiveness of their current tool stacks in addressing threats and remediating breaches, the need for optimisation cannot be overstated. Investing in new tools is no longer a viable solution. Organisations must ensure that all their tools are properly integrated, configured, supplied with high quality data, and play into a broader security strategy to successfully identify and eliminate threats before they wreak havoc.
No organisation can ever be completely breach-proof, but achieving full visibility of all network traffic is crucial for enabling a truly proactive security strategy. This visibility empowers security teams to detect incidents early and prevent widespread damage. Current MELT (Metrics, Events, Logs, and Traces) methodologies fall short in hybrid cloud environments, creating the need for Deep Observability to address blind spots, especially in laterally moving and encrypted traffic. Visibility is the foundation of cyber-resilience, as you can’t manage what you can’t see. Real-time, network-level intelligence that can identify suspicious activity, even in encrypted traffic, is essential for a robust defence against cyber threats.