News Insights: CISA issues sweeping federal directive for government cybersecurity

The Biden administration recently issued a sweeping order mandating all federal agencies to patch hundreds of cybersecurity vulnerabilities that could put our government at risk. It is one of the most wide-reaching cybersecurity mandates to-date, confirming that cybercrimes are a top security concern for the US.

News Insights:

Emil Sayegh, Cybersecurity Expert, Cloud Computing pioneer and current CEO of Ntirety, offered the following comments on this development.

Cybercrime Meets 2022 Budgeting Season

Cybersecurity attacks are on an exponential rise in both frequency and impact. When this year is in the books, every industry report will show how the frequency of attacks escalated exponentially again while the cost of attacks became higher than ever before. The Colonial Pipeline ransomware attack in May, was one of the costliest cyberattacks ever—paralyzing the eastern seaboard of the United States. The cycle for major cyber incidents has now become a matter of days—not weeks—as we witness continued major ransomware attacks, data loss, major breaches, as well as intelligence and industry warnings. If there was ever a time to get serious about cybersecurity, that time is now.

Cybercrime has spiked due to multiple reasons the first being the accelerated digitization of the most critical business processes, rendering businesses susceptible to blackmail in the case of a breach.  The rapid expansion of cloud computing without proper security safeguards, combined with the impact of the pandemic on the business world has exposed numerous vulnerable technologies and processes that are now being heavily exploited by bad actors. While hasty technology adoption is to blame, far too often, we witness the adoption of principles where ransomware victims “just pay up.” As many as a third of businesses in 2021 that reported a ransomware attack decided to pay the ransom.

Paying ransom demands encourages more hackers and the statistics show that not only do hackers come back to attack businesses that paid, less than 10 percent of the data that is paid out is ever completely recovered. The other issue that many IT professionals don’t grasp the full extent of the changing nature of hackers.  The bad actors we are seeing in this cyber-battle now, are well funded global criminal syndicates, backed by nation-states engaged in this for massive profit.  Paying for crime doesn’t pay off and it is a glaring example of poor preparedness and lack of strategy.

Based on the continual cycle of breach information continues to emerge, there is no reason to hold back on cybersecurity planning and budget immediately. Here are a few activities that need to start immediately:

• Actively and proactively leverage multiple sources of Threat Intelligence and trusted resources to monitor the latest methods, tools, tactics, and keep a watchful eye on the roost on a daily or even hourly basis
• Always verify and never trust. It is always a good time for zero-trust authentication and a zero trust posture throughout the organization. This protects systems outside and inside the “castle.”
• Detect, investigate, respond, and remediate issues on every endpoint, application, service, and server system. Commit to timely and near instant responses.
• Spin up more security awareness training to help minimize social engineering, phishing, and other user-focused attacks.

If an organization can’t do these items on their own, and very likely they can’t, they need to engage partners that specialize in enabling a comprehensive security posture.  The guard cannot be let down as millions of people continue to be impacted by these issues daily. Organizations need to push the pedal on evaluation, assessment, monitoring, and contingency planning, and shift their mindset to always assume a breach is underway. They need to immediately start with a protection program of all their key business processes, followed by a disaster recovery strategy, and then an assurance program that continually ensures secure operations of all critical functions. Not only should organizations break the glass and get their security playbook in full swing, but also break the bank to fund it as we enter budgeting season. The hard truth is that most organizations cannot secure their environments alone anymore, especially in the face of cyber threats driven by nation-states, a complex technology landscape, as well as severe cyber-security talent shortages.