The government technology community is confronted with an unnerving reality: the SolarWinds and Kaseya breaches could have happened to practically any other company. The flaws discovered during these incidents were not unique; in fact, these were exactly the type of highly sophisticated supply-chain attack that adversaries are increasingly employing. The incidents continue to be a wake-up call for all government agencies and organizations involved in the Defense Industrial Base (DIB). These hostile cyber actors will continue to target the weakest links in our federal IT supply chains, much like a lion targets the most susceptible antelope in the herd.
Cyber risk management isn't something that can be checked off and then forgotten about. It's a never-ending war against continually changing foes. Compliance standards must be applied carefully so that they do not become prohibitively expensive for smaller technology partners or suffocate cyber innovation across the industry.
Beyond compliance, there are three core cyber awareness principles that government agencies and the DIB must uphold.
Empower threat hunting by adopting a zero-trust philosophy
To counter today's sophisticated threats, every supplier that crosses the federal supply chain, as well as every government agency that buys from this supply chain, must adopt a zero-trust approach. At its foundation, zero trust is a simple concept: trust no one, assume you've been hacked, and take proactive steps to seek out, identify, and mitigate threats.
Gather all of the information needed for genuine observability
Collecting and analyzing the proper data is the cornerstone of zero trust and threat hunting. Evidence is required to solve physical crimes. Investigators must gather information that assists them not only in deciding where to search but also in proving their case.
Prioritize endpoint protection
Gartner Research Vice President Peter Firstbrook concentrated on the need for new technology tools as the industry assessed the scale and severity of the SolarWinds attack.
The quantity and sophistication of supply chain threats throughout the DIB will only increase. Standards and compliance can raise the bar, and having them is critical, but a true cyber defense strategy necessitates ongoing awareness and innovation. A collaborative attitude shift toward proactive threat hunting, information sharing, and getting the latest detection tools into the hands of the agencies and contractors who need them is the solution.