Cybersecurity has become an essential capability for enterprises as well as government bodies. Every year, billions are lost to cybersecurity issues, and in the last few2 months, ransomware has doubled its tooth to take on any kind of new cybersecurity framework.
Last week, Congress passed the Bipartisan Infrastructure Deal (Infrastructure Investment and Jobs Act). Many industry leaders believe this could be a historic event for technology-driven companies in the United State of America. The deal has been positioned by Congress as “a once-in-a-generation investment in our nation’s infrastructure and competitiveness.” According to the announcement, the deal would allow the government to leverage President’s Build Back Framework- together this shall add on average 1.5 million jobs per year for the next 10 years. But that’s not the only objective. The government is willing to weed out the perennial problems associated with the internet era– cybercrimes using cybersecurity platforms and blockchain.
From delivering clean air and water to all American families to ensuring constant high-speed broadband internet services to all and much more, there would be a major focus on enhancing “resilience of government systems and infrastructure.”
Top IT News: KIOXIA EDSFF E1.S SSDs Now Available for Hyperscale Data Centers
We spoke to industry leaders on the development. Here’s what they had to say –
Environmental Protection Agency (EPA) And CISA Will Take Definitive Action to Identify Public Water Systems
Neil Jones, cybersecurity evangelist, Egnyte
“With the escalating volume of ransomware attacks and ballooning ransom payments, it’s clear that the approaches most organizations use to address ransomware and targeted cyberattacks on critical infrastructure just aren’t working. So, I’m excited to see that the $1 trillion infrastructure bill has allocated funds to maintain the resilience of the USA’s infrastructure against cyberthreats and malevolent nation-states. I’m particularly reassured to see both political parties supported the newly established office of National Cyber Director (NCD), including funding for the NDC to hire qualified personnel that will help him/her to achieve the group’s important mission.”
Neil added, “Finally, I’m pleased to see that the Environmental Protection Agency (EPA) and CISA will take definitive action to identify public water systems that, should they become degraded or rendered inoperable due to cyberattacks, could significantly impact the health and safety of the general public. These changes will boost the country’s cybersecurity efforts and jump-start the government’s response to cybersecurity intrusions. And, it will protect US citizens’ health and well-being — an essential outcome you can’t put a dollar figure on during an ongoing pandemic.”
Strengthen Cybersecurity: Fighting Cyber Crimes Should Be Main Goal for the New Framework
Tyler Farrar, CISO, Exabeam
“Critical national infrastructure (CNI) is a major target for cybercriminals due to the high, potentially life-threatening, impact successful attacks yield. So it’s extremely encouraging to see that the bipartisan infrastructure bill has dedicated investment dollars to protecting these systems.
It’s crucial to understand and measure normal critical asset/system posture in order to protect critical infrastructure and avoid breaches. If there’s a digital route to systems in operational technology (OT), it’s at risk whether they are air-gapped or not. We have to be more rigorous in monitoring OT systems by securing all viable log data in terms of system setting, access control and maintenance. Even the smallest anomalies should be prioritized, investigated, and managed accordingly. Simply relying on individual users for the protection of our CNI systems will not scale.”
Tyler added, “The only way to move forward for CNI protection is to work better with automation technologies to manage large volumes of data streams, analyze them for any anomalies and report risk and attacks in real-time. This, along with constant user education on being diligent and the much-needed government support the infrastructure bill will provide, is critical to protecting CNI systems from ambitious cyberthreats.”
Let’s Discuss More on Zero-trust Policy
Danny Lopez, CEO, Glasswall
“With the increase of cyberattacks we’ve seen throughout the last two years, the new infrastructure bill is a crucial step in improving the security of the nation’s infrastructure and modernizing systems to protect sensitive data and information.
Here are a few important points:
- Following a rise in attacks on water systems in areas like Florida and the Bay Area, the bill requires the EPA and CISA to identify at-risk public water systems that could impact a large percentage of the population if deemed unsafe or inoperable due to cyber threats. This is an extremely welcome initiative.s In addition, the bill incorporates the Cyber Response and Recovery Act of 2021, which allocated a whopping $100 million to improving government cybersecurity, and a significant investment in talent for the office of the new National Cyber Director.
- This bill, in addition to the administration’s executive orders (EOs) on the subject, shows just how seriously federal cyber leaders take the threat we all face. Previous EOs have emphasized the importance of stronger multi-factor authentication and encryption. These are critical elements in an effective cybersecurity strategy, but an overarching zero-trust approach will take businesses’, government agencies, and critical infrastructure organizations’ protection to the next level.
- Zero trust security sees the world differently so no one is trusted by default, regardless of whether they are inside or outside a network. Without a zero-trust approach, organizations run the risk of attackers having free reign across a network once they are inside. If more security teams turn to this approach, fewer attacks and payments will need to be reported.”
Thank you everyone for chatting with us!
[To share your insights with us, please write to sghosh@martechseries.com]
