Repelling Cyber Criminals Trying to Capitalize on a Crisis
By Kevin Orr, President, RSA Federal
Current geopolitical crises unfolding around the globe have far-reaching implications. In just a few short months, we have seen change on a global scale, impacting people, business and society as a whole. Unfortunately, it is this type of environment in which cyber criminals thrive. As a result, organizations today must quickly adapt to new market dynamics, evolving partner and customer relationships and changing business operations during these turbulent times.
At its infancy, the landscape of data security was fairly simple, allowing for an open-door system of exploration, protected from hackers by firewalls and other, relatively standard, cybersecurity measures. However, as personal data became more and more omnipresent in the digital landscape, so too did mining and theft of it. As a result, certain aspects of protection did not keep up, leaving personal data and information more easily accessible for cyber criminals to collect and exploit. Today, the current geopolitical crisis combined with the increases in always-on access brought on by trends like remote work and the potential for everybody to interact with anybody has created a much more complex landscape. This complexity has also enabled opportunity for data to be compromised, creating an inherent need for enhanced cybersecurity measures to secure the copious amount of data and information that is disseminated online.
While this complex cybersecurity landscape has created many challenges for businesses and government organizations alike, we are now seeing for the first time a uniform approach to cybersecurity being implemented. The current threat landscape also underscored the importance of Executive Order 14208 and other pending legislation aimed at improving cybersecurity posture. Personal data has evolved not just into a commodity, but a means of leverage or even extortion of certain individuals. Data theft can mean more than just exposure of sensitive information; it can also seriously impact national security, companies or individuals whose reputations and ethics are being exploited. And we must not forget about the fatal impact of extortion as a result of data being held hostage.
All of this indicates that there is an inherent need to update cybersecurity practices toward a method of zero-trust, rather than the traditional trust but verify approach. But what does this approach actually look like? Companies and government agencies are often sharing upwards of thirty percent of their data with third party collaborators – an inevitability of working with other agencies in a digital environment. This places the focal point of data security not on the data itself, but rather the governance of ensuring that individuals gaining access to this information, are in fact who they say they are. Legitimate figures have become increasingly hard to recognize in a digital age, from sources of misinformation, trojan horses and rapidly advancing ransomware – and in many cases, malicious sources have become increasingly identical in appearance to reputable ones. Solutions like multi-factor authentication have proven effective across these areas, many organizations and government agencies have some ground to cover to meet the highest security standards through the implementation of advanced identity and access management capabilities.
The Nirvana of these solutions would center around the narrative of: What is my most critical information? How is it protected? Who has access to it? And who provides accountability for that access? Individuals should be able to tier the potential threat level to their data or security, and strategize how to grant access to other users, without compromising sensitive information, and finally, be able to disrupt access to this information at their own discretion.
The next definitive phase in cybersecurity solutions will likely be centered around Identity proofing and governance of data access, versus what specific data is accessible. Rather than focusing on specific entitlements to data for individuals, the solution instead lies in creating a zero-trust environment with no exceptions. In other words, instead of continuing the current landscape of de-facto “trust but verify” before setting up protection, the order of operations should be carried out in reverse priority, shifting from a free-reign approach to more prescriptive access of data and information.
The cybersecurity challenges for organizations and government agencies alike have only grown the past few months. Now is the time to improve upon cybersecurity posture across the board, taking into account the proper cybersecurity strategy and solutions built upon the concept of zero-trust. Only then will today’s organizations properly protect themselves from bad actors that thrive in turbulent times.
About the Author
Kevin Orr is President of RSA Federal, which provides security solutions to federal agencies including U.S. intelligence, state/local municipalities and public sector agencies. With over 25 years of government experience in leading hyper-growth technology organizations, he has proven leadership in opening new markets, attracting and retaining world class talent and leading in challenging environments. Kevin can be reached online at https://www.linkedin.com/in/kevinmichaelorr/ and at our company website https://www.rsa.com/.