Cybersecurity Executive Order Addresses Attacks, Upgraded Protection for 2021 forward


By Ryan Johnson, Solutions Engineering Manager - F5 U.S. Federal Solutions

The May 12 Executive Order on Improving the Nation's Cybersecurity lays out a multi-pronged approach on how to mitigate attacks, such as SolarWinds and the Colonial Pipeline breach. As explored below, a failure in any one of the abilities to detect, report, employ protections in a timely manner, and ultimately defend against the threat can cause a cascading effect on whether or not the threat is successfully thwarted.

The Criticality of Zero Trust

The concept of Zero Trust has been around for some time. The Federal government was primarily introduced to Zero Trust in the form of the TIC 3.0 modernization effort, which at its core is built on top of Zero Trust. Unfortunately, properly securing sensitive data being shared between cloud providers and agencies has fallen short of an acceptable risk threshold, and the recent executive order calls this out.

The Federal government must be able to obtain threat data from its partners to stay on top of the latest security threats. NIST has taken an excellent step towards addressing as to what Zero Trust should mean to Federal government with SP 800-207.

Visibility is More Important Than Ever

Many agencies and corporations still suffer from blind spots within their cybersecurity organization. If attacks cannot be seen, they cannot be detected, reported, and mitigated. Visibility has become an even greater issue due to the proliferation of SSL/TLS across what have been traditionally deemed as secure/internal parts of the network, related to the need to encrypt all transmissions of data.

Reporting, Monitoring, and Sharing of Threat Intelligence Matters

Cybersecurity teams need to see all the transactions and data from client to application to provide the most meaningful assessments of possible threats. Unhindered sharing of threat intelligence must exist in the Federal partner ecosystem. Threat intelligence sharing is also vital in the detection of software supply chain threats.

Security Agility Becoming More Important

How quickly can cybersecurity teams employ protections in a secure and non-disruptive manner? IT is going through a major shift in becoming more agile. Being able to quickly and securely deliver modern applications with less disruption has been coined DevSecOps. This modern development practice allows organizations to become more nimble in how they employ cybersecurity protections in a safe and non-disruptive manner.

Strategy and Tactics Behind Cloud Smart is Gaining Momentum

Consumers of cloud are often taking a leap of faith that cloud providers are doing “the right thing” when it comes to cybersecurity while relinquishing a level of control of data and security to the provider. Information sharing between cloud providers and agencies must be part of the Federal partner ecosystem to provide more comprehensive security.

Each of these tenants are required to achieve a higher cybersecurity standard. Learn more about how F5 Government Solutions can help in meeting and exceeding the level of security associated with the recent Cybersecurity Executive Order here.

Sustaining Partners