Threat awareness and cybersecurity resources from DHS
On November 2, Fast Future will be launching a new IT Strategy Community for readers who have a stake in their company’s technology decisions (more details below).
To kick off the launch—and also because we’re in the middle of Cybersecurity Awareness Month—we’re using this week’s space to interview a thought leader in that area.
Klint Walker is the cyber security advisor at the U.S. Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) for Region IV, which covers Alabama, Florida, Georgia, Kentucky, Mississippi, North Carolina, South Carolina and Tennessee.
As such, Walker acts as the liaison between federal services and state, local, territorial and tribal governments, critical Infrastructure and private industry. He provides direct coordination, outreach and regional support in order to protect cyber components essential to the sustainability, preparedness and protection of the nation’s critical infrastructure.
Which attack type or vulnerabilities have posed the greatest risk to many this year?
Walker: Our world continues to become more interconnected, leading end-users to become not only reliant on the security they have in place, but also the security of every organization with which they do business. What we’re witnessing now is an increase in cyber events targeting supply chains and other business ecosystems, which can have wide-ranging reverberating effects.
Compromises to business email systems and ransomware attacks (especially those that use phishing as an entry point) remain the most prevalent cyber threat. However, distributed denial of service attacks (DDoS) and insider threats can still pose a significant risk.
Why is Cybersecurity Awareness Month important?
Walker: It invites organizations and individuals to help raise awareness about the importance of cybersecurity across the nation. It’s a perfect time for those in leadership roles to evaluate and review their respective organization’s security and operational readiness in preparation for a potential cyber attack. CISA’s website is full of resources that can assist leaders to better inform their workforce on the need for improved cybersecurity.
Where has the conversation around identity security begun to make the most sense in light of these recent attacks?
Walker: One of the most effective ways to deter a cyber incident is with multi-factor authentication. With the significantly increased use of VPN services and teleworking across several business sectors, organizations need to adopt a zero-trust identity security with policy now more than ever to secure these expanding perimeters.
What steps do you recommend to CIOs for checking for vulnerabilities in third-party management?
Walker: Accountability and authority really sit at the center of any agreement with a third party providing cybersecurity services. When dealing with vendors, it’s essential that the contract thoroughly sets expectations for security roles and responsibilities, including how an organization plans to monitor and enforce those stipulations. It also helps for organizations to regularly exercise their response plans in cooperation with their supply chain and critical infrastructure components and other stakeholders to ensure that everyone is on the same page for security and response efforts.
Asset inventory is also extremely important for an organization’s overall security program. Many incidents that CISA sees are due to unpatched hardware or software on the network that has not been patched or updates or leaving default passwords unchanged.
How can we mitigate inside a company through cyber leadership?
Walker: Every infrastructure sector has been targeted by cyber attacks, with focuses shifting as new vulnerabilities are identified. Cyber mitigation must start from the top down in any organization to be successful.
Ensuring that everyone in an organization knows that security is part of their job and they are held accountable to that point, but also that they have the authority to act as defined by their security roles and responsibilities.
What do companies unwittingly do to exacerbate cyber incidents of this nature?
Walker: A lack of preparedness will exacerbate a cyber incident. Organizations that prepare and exercise their incident response and continuity plans will simply fare better than those that just ‘wing it.’ Recognizing that every type of incident requires a different approach with different internal and external resources is a step toward faster recovery and resilience.
Where can regional cybersecurity advisors step in for companies?
Walker: CISA’s Cybersecurity and Protective Security Advisor programs can advise leaders about their unique security needs by providing assessments to baseline current security environments and offering considerations for improvement.
We can facilitate workshops and tabletop exercises of both cyber and physical security action plans. The Cyber Resilience review assessment is a great way to get started, and all it takes is reaching out to our program at ipregion4outreach@hq.dhs.gov to get started.
JOIN OUR IT STRATEGY COMMUNITY
Innovation in business begins with safe and solid data-driven strategies. And, it takes a collaborative community for each of us to succeed. Our mission at Fast Future is to engage and connect regional business professionals involved in technology strategies by sharing stories and ideas that inspire us to excel.
If you are involved in technology strategy in your company, we encourage you to join our free IT Strategy Community. You will receive our new weekly IT Strategy Report, covering the IT successes and challenges experienced by your regional peers. Subscribers will also be given access to our growing Slack community of IT pros. Expand your regional connections and build your support network of colleagues who will help you stay on top of your IT strategy game! JOIN TODAY