MathCraft Newsletter Issue Q2 2021 – Associate Member of NCMS
FSOs and Cybersecurity Challenges
In just a few months, the U.S. has been rocked by major cybersecurity incidents such as the intrusion at the Oldsmar, Florida water treatment plant and the Colonial Pipeline ransomware attack. Each new incident reminds us that no one is immune to compromise, not even cleared organizations.
In 2021, FSOs are dealing with a new set of challenges, from foreign actors to ransomware attacks and supply chain vulnerabilities. As always, MathCraft is here to provide the tools and information you need to protect your organization from emerging threats.
- Cyber-Threat Landscape ‘Worst It’s Ever Been’ Due to Nation-State Behaviors – during a keynote session at the RSA virtual conference, FireEye’s head of global intelligence said the global cyber-threat landscape is the “worst it’s ever been” due to reckless behavior by China, Russia, North Korea and Iran. Read more.
- Biden Budget Seeks to Invest Billions in U.S. Cybersecurity – the White House budget proposal for fiscal year 2022 includes $9.8 billion in civilian cybersecurity funding, including $750 million to apply “lessons learned” from the SolarWinds attack. This figure does not include a separate $10.4 billion requested for Department of Defense cybersecurity. Read more.
- SolarWinds CEO Reveals Much Earlier Hack Timeline, Regrets Company Blaming Intern – according to SolarWinds CEO Sudhakar Ramakrishna, the 2020 SolarWinds breach that impacted nine federal agencies and countless private companies began eight months earlier than previously believed, and attempts to blame the attack on an intern were “not appropriate”. Read more.
- Federal Agencies Struggling with Supply Chain Security – according to the GAO’s director of information technology and cybersecurity, few executive branch departments have updated their security protocols for better protection against supply chain attacks. Such protections are crucial for preventing SolarWinds-scale data breaches. Read more.
- New Background Investigation Initiative Will Include Everyone by End of 2023 – all government agencies and contractors will be onboarded to the Defense Counterintelligence and Security Agency (DCSA) Trusted Workforce 2.0 program by the end of 2023, according to agency director William Lietzau. The program will shift clearance holders from periodic reinvestigation to continuous evaluation (CE). Read more.
- FBI Employee Indicted for Stealing Classified Info on FBI Cybersecurity Work – an FBI analyst has been indicted by a federal grand jury for retaining sensitive documents related to the bureau’s cybersecurity, counterterrorism and counterintelligence efforts. Insider threat events continue to worry experts. Read more.
- DoD Making Security Clearance Progress, but Reciprocity, IT Issues Remain – after successfully reducing the backlog of security clearance investigations to a “steady state” of 200,000, the DCSA continues to struggle with legacy IT systems and the problem of transferring clearances between federal agencies. Read more.
The State of Cybersecurity
In a keynote at RSA, Sandra Joyce – head of global intelligence at FireEye, the cybersecurity firm that uncovered the SolarWinds attack – said that the global cyber threat landscape is the “worst it’s ever been” thanks to increased aggression from nation-states like Russia, China, North Korea and Iran.
This claim is backed by evidence: ransomware attacks, for instance, rose 102% year over year in early 2021. Now, in addition to insider threats, FSOs must worry about cyberattacks on their cleared facilities. In a recent blog post, we provide three tips to help FSOs deal with cyber threats:
- Gain cyber literacy – FSOs don’t have to become cybersecurity experts to protect their organization, but they should stay up to date on evolving risks and attack vectors.
- Implement training programs – even a short workshop can help personnel recognize a spear-phishing attempt and thwart cyber actors who are trying to penetrate your organization.
- Work with your CSO/CISO – build a working relationship with the cybersecurity personnel in your organization; leverage cross-departmental insights to create a culture of cybersecurity throughout your organization.
To learn more, check out the full post: Defending Against Cyberattacks: The FSO’s Perspective.
Continuous Evaluation for Everyone
It has now been three years since the Office of the Director of National Intelligence (ODNI) announced the Trusted Workforce 2.0 initiative. Since then, it has been gradually introduced with great success. Trusted Workforce 2.0 had two major goals: reduce the clearance backlog and create a more agile, continuous vetting process to better identify threats.
The first goal has been accomplished, and the second is well on its way. Since last year, the DCSA has gradually enrolled new applicants in its continuous evaluation program, and by 2023 it plans for all federal agencies and contractors to be on board. DoD clearance holders will not have to wait that long, as the Defense Department plans for all their employees to be enrolled in CE by the end of 2021.
Managing Forms with Portal Commander
FSOs often have to collect information from employees as part of their security, compliance and business procedures. But with so many responsibilities on their plate, FSOs don’t have all day to spend in front of a screen sending emails back and forth or keeping track of form completions.
Portal Commander makes life easier for FSOs by streamlining the little tasks that add up, especially in an organization with hundreds or thousands of employees. Through the Forms Management module, FSOs can:
- Store forms for easy retrieval
- Send forms to individual employees or groups
- Receive a notification on completion
To learn more, check out FSO Tip: Managing Forms with Portal Commander.
Managing Supply Chain Risk
As a cleared organization, you depend on many software and service providers to run your business, and the last thing you expect is for them to be compromised. But it can happen, even to trusted vendors: the SolarWinds attack was an example of a software supply chain breach.
To reduce the risk of software supply chain attacks, your organization should implement Supply Chain Risk Management (SCRM) principles as outlined in the NIST Risk Management Framework (RMF); NIST SP 800-161 provides the detailed supply chain risk management practices that plug into the RMF. In a previous blog post, we shared six important tips:
- Ensure Business Integrity
- Ensure Product Quality
- Avoid End-of-Life Products
- Verify Security Controls
- Assess for Compromise
- Diversify IT Portfolio
To learn more about SCRM, check out Choosing Better Vendors: How NIST RMF Can Help You Manage IT Risks.
MathCraft Security Technologies, Inc. is the leading provider of innovative software and technologies for Industrial Security professionals. Our tools are compliant with 32 CFR Part 117 (the NISPOM rule) and are available on-premises or in the cloud. Contact us today to see how our products can transform your security operations!
NCMS Endorsement/Disclaimer: References to commercial products, processes, or services do not necessarily constitute an endorsement by NCMS Inc. The opinions and views expressed in this email and on any linked web sites do not necessarily reflect those of NCMS.