A broad strategy is being executed to enhance the Federal Government’s cyber security, including both defensive and offensive capabilities, to tackle today’s increasingly sophisticated cyber actors.
Two key takeaways :
- Federal agencies have increased strong authentication for unprivileged and privileged users from 42% to 72%, but this still leaves 28%
- And they’ve increased strong authentication for just privileged users from 33% to 75% – but that leaves a quarter who haven’t.
Philip Lieberman CEO of Lieberman Software has commented on the result of the US government’s 30-day cyber security sprint, announced to shore up defences after the OPM breach.
Philip Lieberman, CEO of Lieberman Software:
“The 30-day security sprint was an unfunded Federal mandate, which meant that tasks were to be performed, but there was no extra money granted for the activity or to take action on the findings.
The objective of the sprint was primarily political to take some action in response to the OPM breach, but to also sensitize agencies to their internal security weaknesses. The exercise had a useful outcome to force Federal agencies to do a SECURITY self-examination and prepare a formal response as to their readiness.
Resolving the findings of the 30-day sprint requires a long term investment by the Federal Government in both new processes and technology. These changes will require an army of security professionals that do not exist. Real security improvements will require senior management within agencies to implement fundamental changes that will be unpopular with many staff members accustomed to unfettered access and conveniences. Convenience and speed of ubiquitous access must be abandoned to operate agencies in a manner that would provide real resilience against nation-state attacks.
The 30-day sprint is the beginning of a long modernization and resiliency improvement program that will require time, talent and funding as well as political courage to fix what may not be broken, but is certainly not strong enough to survive against today’s attackers in cyber-space.”[su_box title=”About Lieberman Software” style=”noise” box_color=”#336588″]Lieberman Software proactively stops cyber attacks that bypass conventional enterprise defenses and penetrate the network perimeter. The company provides award-winning privilege management and security management products to more than 1,400 customers worldwide, including nearly half of the US Fortune 50. By automatically securing privileged access – both on-premises and in the cloud – Lieberman Software controls access to systems with sensitive data, and defends against malicious insiders, zero day attacks and other advanced cyber threats. Lieberman Software is headquartered in Los Angeles, CA, with offices and channel partners located around the world.[/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.