If we have learned anything from the massive cyber hack, entitled WannaCry, that hit 150 countries recently, there needs to be more measures taken to upgrade the defense against those that are trying to extort countries for money, or cripple the world through cyber warfare.
President Donald Trump heard the request loud and clear and recently signed an executive order (EO) to beef up the cyber defense in the United States - to help continue the fight against cyber hacking.
The executive order calls for a comprehensive review of government and private sector cybersecurity, and the establishment of a plan for protecting digital networks that store sensitive data.
It includes specific cybersecurity directives for government agencies, including requiring each leader of every agency to adopt a uniform set of standards laid out by the National Institute of Standards and Technology.
The order also calls for a study of the threat posed by “botnets,” which hackers use to overwhelm targeted servers, often referred to as Bad Bots.
The nation’s overall cybersecurity was also addressed in the executive order. Specifically, President Trump highlighted the following areas for improved cybersecurity nationwide:
- Deterrence and protection
- International cooperation
- Workforce development
Basically, what the order does is it puts the focus on the executive-level to be more accountable. It also secures the third-party ecosystem and develops a market-based approach to securing the critical infrastructure. It brings some of the best initiatives from the private sector and applies them to the government.
Skeptics are critical of too much reliance on third-party systems that have foreign sources. This is of particular concern with recent cyber attacks from Russia and China. For example, Russian cyber security company Kaspersky Labs hasn’t done anything wrong that we know of, but it’s not out of the realm of possibilities.
Known but unmitigated vulnerabilities are among the highest cybersecurity risks faced by the executive departments and agencies. Some of the known vulnerabilities include using opening systems or hardware beyond the vendor’s support lifecycle, declining to implement a vendor’s security security patch (ie. WannaCry, picture above), or failing to execute security-specific configuration guidance.
Agency leaders are going to be required to lead integrated teams of senior executives with expertise in IT, security, budgeting, acquisition, law, privacy and human resources.
The big thing about the order is there isn’t much that is actionable yet, with much of it comprising of deadline recommendations. But a lot of analysts appreciate the approach. The order borrows heavily from President Obama’s administration's recommendations, and focuses heavily on the infrastructure and pushes as much as possible to the private cloud.
However, the only way we will truly know the impact is when the policies actually emerge. The EO has a 90 day deadline for each agency in the executive branch to submit a risk management report. It would describe their security measures and what are deemed to be significant risks. It also requests a study to determine whether at least some agencies can realistically adopt consolidated network architectures.
So now we wait and see.
The first line of defense is seeing your baseline traffic. If you want to dig deeper, download our free white paper, How to see your Baseline Traffic, and see if your network applications and users are healthy.