New CISA Operational Directive Strengthens Cyber Defenses for Federal Networks

February 14, 2023

CISA has issued a new Operational Directive aimed at strengthening federal networks’ cyber defenses. As the article outlines, the directive is part of a larger effort by the agency to address the challenges posed by Russia’s state-sponsored attacks on critical infrastructure. In addition, the DHS has recognized the need to increase its ability to monitor distributed environments to find and remediate vulnerabilities. The agency has also found it difficult to attract and retain skilled cybersecurity personnel to fill positions.

Understanding and Mitigating Russian State-Sponsored Cyber Threats to US Critical Infrastructure

There is a growing threat of malicious cyber activity from Russia against US critical infrastructure. This is especially true as tensions rise in Eastern Europe. It is imperative that all organizations raise their cyber resilience to withstand attacks.

Russian state-sponsored actors have been using malware and other tactics to target and disrupt critical infrastructure in the U.S. The cyber threat is now more pervasive, so all organizations must accelerate their plans to increase their cyber resilience.

The Russian Federal Security Service (RFSS), a successor agency to the former Soviet KGB, has targeted several critical infrastructure organizations, including utilities, energy companies, aviation networks, and transportation companies. They have also been conducting spearphishing campaigns to steal credentials and gain access to targeted networks.

The Russian Foreign Intelligence Service (“SVR”) has also been involved in targeting critical infrastructure organizations. They bypass multi-factor authentication on cloud accounts, allowing them to access systems with minimal effort. They also have conducted large-scale scanning of servers to find vulnerable systems.

Recruiting and retaining cyber talent has been a long-term challenge at DHS

The Department of Homeland Security (DHS) has been facing a long-term challenge of recruiting and retaining cyber talent. But the agency has recently taken steps to improve the process.

DHS’s new talent acquisition system, called the “Cybersecurity Talent Management System” or CTMS, is designed to get new employees onboard more quickly. It also includes a new compensation system.

This system lets DHS reorganize its hiring process and bypass the usual job posting requirements. Instead, prospective employees will be required to demonstrate their expertise through a competency-based assessment. It will also require them to submit a real-world simulation.

DHS hopes that the new program will encourage employers to recruit candidates with diverse backgrounds. DHS plans to work with minority-serving institutions, and it will offer career development opportunities to help women and underrepresented groups enter the workforce.

The DHS Intelligence and Cybersecurity Diversity Fellowship Program offers students a paid internship. The goal is to attract qualified college students to the cybersecurity industry.

Increasing visibility across distributed environments to remediate vulnerabilities

There is a lot of hype about the Internet of Things (IoT) and cloud computing, but if you are looking to make the leap into the cloud, you should first consider your cybersecurity posture. Many companies have workloads in multiple cloud locations and are susceptible to attack because of this. Fortunately, there are several tools that can help you increase visibility across distributed environments and mitigate risks, such as VMware’s Vulnerability Management and Skybox’s Security Posture Management.

For example, one of the most important steps in securing a cloud environment is to collect data on your network. You can do this through a variety of methods, but the most efficient approach is to leverage APIs. This allows you to connect to various cloud services without the need for manual intervention.

Another important step in achieving your cloud security goals is to implement identity management controls. This is especially important when you are deploying a hybrid cloud infrastructure. This will also help you minimize your overall risk profile.

Cross-agency collaboration is challenging

Efforts to improve the effectiveness of federal cyber defenses through cross-agency collaboration are crucial. While there are many advantages to these collaborative approaches, there are also some potential challenges.

For starters, the federal government has limited resources and suffers from several classification and budget limitations. These constraints have resulted in a lack of institutional capacity for collective defense. In addition, several silos have limited communication and coordination between agencies. The challenge for federal cyber defenses is to create a system that is able to quickly analyze and respond to cyber threats.

To address these challenges, the federal government has started a project to implement a collaborative defense approach. Researchers from the Cyber Project, funded by the Technology Modernization Fund, conducted interviews with a variety of actors from the federal government, state government, and private sector. They pored over existing research and incorporated lessons from the Team of Teams and Cyberspace Solarium Commission reports.

Ammar Fakhruddin

ABOUT AUTHOR

Ammar brings in 18 years of experience in strategic solutions and product development in Public Sector, Oil & Gas and Healthcare organizations. He loves solving complex real-world business and data problems by bringing in leading-edge solutions that are cost-effective and improve customer and employee experience. At Propelex he focuses on helping businesses achieve digital excellence using Smart Data & Cybersecurity solutions.

