Why agencies are shifting from cyberdefense to digital resilience

A new report highlights what’s driving agencies to move beyond protecting their networks and focus more on how to sustain operations during attacks.

A growing cadre of federal IT leaders recognize that fortifying their defenses is no longer enough to protect their agencies amid the rising tide of cyberthreats.

The reality is that cybersecurity threats are evolving quicker than most agencies can respond. Nearly 7 in 10 federal civilian agency IT leaders — and more than half (55 percent) of their defense and intelligence agency counterparts — say their agencies aren’t keeping pace with evolving threats, according to a recent study from CyberScoop and underwritten by RedSeal.

CyberScoop report on digital resilience strategies

Download the full report.

That statistic is leading agencies, including the U.S. Army’s Program Executive Office for Enterprise Information Systems, to look for more effective ways to contain breaches, improve resilience and sustain critical operations unimpaired during attacks, according to a separate report released by RedSeal.

According to the report, the agency is in the process of acquiring automated network mapping and modeling tools to improve cyber resilience, including tools to monitor, quarantine, emulate and counter threats. This is part of a broader effort to protect the Army’s tactical communications network during cyberattacks.

RedSeal CEO Ray Rothrock said that achieving digital resilience begins when you know about your networks — “where they connect, how they connect, to whom they give access, and what they expose.”

According to Rothrock, there are specific steps agencies should take to improve resilience:

  • Get a real-time picture of the network
  • Verify network configurations meet industry standards
  • Verify all possible access by conducting end-to-end analysis
  • Prioritize vulnerability remediation of the highest risk vulnerabilities.

Automating monitoring and mitigation activities will play a critical role in enhanced security and resilience.

Attacks will come and some will succeed, he says, and resilience is really about having choices the instant you detect an attack. Ensuring you have choices in cyberspace means visualizing, identifying and measuring security risks in a way that enables your cyberdefenders to take the right actions at the right time.

The report underlines that a shift toward resilience doesn’t mean abandoning cybersecurity basics. Firewalls, antivirus software and intrusion detection systems will continue to play a part in what some refer to as “busyness metrics” — telling agencies how many attacks have taken place and how many patches have been applied. However, they don’t necessarily provide insight into how effective cybersecurity responses have been.

One of the most important pieces of cybersecurity remains having the ability to quantify the resilience of an existing network and data structures. This remains a significant challenge for federal agencies.

“Mere survival is not a sufficiently ambitious objective,” said Rothrock. “Intensively connected enterprises need to thrive in high-risk environments and even under attack. Thriving under attack is not a radical proposal. It is a function of digital resilience.”

Read more on the best ways to prepare your organization for greater cyber resilience. 

This article was produced by CyberScoop and sponsored by RedSeal. 

Latest Podcasts