In one look.
- Responsibilities of sovereignty.
- Japan plans to increase military cyber capabilities.
- US states and cities would like federal cyber money.
- State, local and federal cooperation for cybersecurity.
- Encourage industry to adopt cyber standards.
- Close a workforce gap.
Sovereignty implies a reasonable level of control over what happens within your borders.
ZDNet recaps the Biden administration’s warning to President Putin that if Moscow can’t (or won’t) sort out its cybercrime problem, Washington will.
Japan plans to increase military cyber capacity.
In the context of escalating Russian and Chinese cyber-misdeeds, Tokyo plans to develop its cyber force of more than three hundred specialists over the next two years, reports Infosecurity Magazine. A consolidated unit will oversee the cybernetic needs of the air, sea and land branches of the Self-Defense Forces. The Ministry of Defense is also strengthening cybersecurity training and recruiting experts from the private sector as consultants.
A June report from the International Institute for Strategic Studies found that Japan’s cyber capability was lacking due to constitutional restrictions on data collection. Last year, employee information and hypersonic missile designs were apparently stolen from Mitsubishi Electric, compromising national security. Kyodo News claims the government’s new three-year cybersecurity plan “for the first time” names and shames Beijing and Moscow, and calls for defense, deterrence, intelligence, communications security, IT standards, strengthening stronger Indo-Pacific capabilities and collaboration, including through joint exercises with the United States. China’s response was, not surprisingly, hostile, calling the call a “baseless slander” and “completely bogus.” All eyes are on the Tokyo Olympics, which start in two weeks.
US states and cities want federal cybersecurity grants.
Nine local and state government groups, including the National Governors Association and the National League of Cities, have asked Congress to pass and fund a cybersecurity grant program, according to StateScoop. “The increased sophistication of cybercriminals … and the limited resources of states, territories and communities are creating the perfect storm,” the groups argued in a letter to Senate and House leaders.
State, local and federal cooperation for cybersecurity.
U.S. Deputy National Security Advisor for Cybersecurity Anne Neuberger this week met with local government leaders to define ways in which cities, states and the federal government could cooperate on cybersecurity. BleepingComputer reports that she described the federal ransomware strategy in particular:
Neuberger also described the Administration’s ransomware strategy, which includes:
- âDisruption of ransomware infrastructure and actors by working closely with the private sector;
- âInternational cooperation to hold countries that host ransomware to account;
- âExpand cryptocurrency analysis to find and prosecute criminal transactions;
- “and the federal government’s review to establish a cohesive and consistent approach to ransom payments.”
Several sources have told us about this process. Dr Chenxi Wang, General Partner at Rain Capital, wrote:
âIn the real world, individuals and governments in small towns are not expected to fight organized crime on their own. Why should cyberspace be any different? Ransomware attacks are an active underground activity with a complex web of criminal activity and operators collaborating across different value chains. Disrupting this vast web of criminal activity requires the close cooperation of state, federal and global government entities, as well as experts from the private sector and stakeholders. “
Garret Grajek, CEO of YouAttest, fully endorsed the White House awareness campaign:
âGood advice from Deputy National Security Advisor Anne Neuberger. Many local city / state infrastructures use obsolete systems which are particularly vulnerable. Organizations should not only assess their security tools in place, but also understand the roles and policies of the application and the entities. All of our businesses, including public infrastructure, are constantly analyzed. Both the CISA and the FBI have recommended that companies practice the principle of least privilege (PoLP, NIST AC-6 (1)) – ensuring that their entities are NOT overly privileged, which can directly result in significant damage to the organization if credentials are compromised. . Regular, triggered permissions for identity changes and requests are a critical requirement both to stay compliant and to keep an organization secure.
Saryu Nayyar, CEO of Gurucul, would like to see more work on the “core issue” of identifying and resolving attacks:
âRansomware continues to be a growing crisis for governments and businesses. It has become a problem enough for the White House to get involved and elevate ransomware to a strategic national security priority. State and local governments are urged to review cybersecurity practices to provide responses and contingency plans for attacks that exclude users from essential tasks in exchange for payment.
âWhile the administration strategy is clear, it does not address the critical issue of identifying and resolving attacks. This requires more concrete actions to address weaknesses in cybersecurity, coupled with the ability to respond with a plan of action. Security analysis helps governments and businesses understand when a ransomware attack occurs, but these organizations must have a response that can quickly end such attacks. “
ChloÃ© Messdaghi, Consultant and researcher in cybersecurity Disruption, also highlighted the challenges that remain to be met:
âLegacy equipment, inadequate or even undesignated cybersecurity budgets, and challenges in finding and developing talent – these are all significant issues in the public sector as well as in commercial and industrial enterprises.
âWhether in the public or private sector, the takeaway is that EVERYBODY is a target. Teams need to prioritize in real time and have an urgent need for vulnerability disclosure policies. These have done. their evidence in the commercial sector and among federal agencies, but is not implemented across state and local levels.
âObsolete equipment, missed patches, inadequate staff and tight budgets are a huge problem in the public sector. Getting employees to update their systems on time is such a challenge, and the slower cities and towns to repair and update their systems, the more at risk they put the public they serve.
âIt is especially important not to rely on a single set of security tools, such as scanners. They are not reactive over time and give no indication of priorities. Security teams need to be able to focus on priorities. in real time, and scanners and Excel documents just don’t give a real-time view of which threats are increasing and are most critical. Similarly, phishing and threat training across the city is crucial.
“Invest in your team – both within your security team and among the general population of employees.”
Purandar Das, chief security evangelist and co-founder of Sotero, places the meeting in the context of a larger concern to fight cybercrime:
âThis should be seen as a continuation of the focus and efforts of administrations to prioritize cybercrime. Earlier measures to increase funding for government e-agencies, participation at the highest levels of administration and opening collaborative doors to the private sector. It is now a recognition of the weakness of the smallest levels of government. It is a recognition that security practices at city and town levels are particularly vulnerable. Along with this recognition, the administration should provide financial and administrative support to upgrade and improve security practices. “
State law encourages industry to implement cyber standards.
StateScoop also has the scoop on the new U.S. state of Connecticut cybersecurity standards law, enacted this week. Following in Ohio and Utah’s footsteps, the Nutmeg State will now provide legal coverage to companies observing a “written cybersecurity program that … complies with an industry-recognized cybersecurity framework” such as the National Institute of Standards and Technology. In addition, the legislation expands the scope of protected âpersonal informationâ to include identifying information issued by the IRS and biometric data.
A federal approach to developing the cybersecurity workforce.
Recent bipartisan efforts by the US Congress have sought to address the federal cybersecurity workforce gap. MeriTalk has an account of some of the proposed actions.
Steve Moore, chief security strategist at Exabeam, has written about the effects of the widely reported skills gap and offers a positive assessment of legislation being considered to close that gap:
âSeventy-four percent of companies reported that a lack of cybersecurity skills impacted their ability to secure sensitive information, inevitably leading to data breaches. More than 60% of security analysts are looking to quit their jobs, according to an Exabeam study. Why? The disconnect between analysts and senior staff scares them away. Analysts often have the impression that there is no career progression or defined career path. As a result, new security professionals roam day after day aimlessly.
âExabeam’s research also found that less than a quarter of executives (20%) thought the gap between leadership and entry-level employees was a problem. Lack of connection causes the skills gap to widen and leaves private and public sector organizations on the sidelines. Recent violations at the federal level, including violations by the Treasury Department and the Justice Department following the SolarWinds attack, have prompted government officials to take action to strengthen cyber defenses.
“The introduction of the Federal Cybersecurity Workforce Expansion Act would help attract cybersecurity talent to the workforce of federal organizations and is of great benefit to veterans in Canada. transition, but it does not take into account the short-term security needs of the private sector. As a result, we are leaving holes that opponents can take advantage of all over the country. “