Pentagon taking 'cybersecurity seriously' with new office
The Pentagon has announced it will formally launch a new office dedicated to accelerating the adoption of a new “zero trust” cybersecurity model.
David McKeown, DoD’s chief information security officer, said the office will fall under DoD’s chief information officer and be led by a yet-to-be-named senior executive. The move is part of an acceleration to ongoing zero trust implementation spurred by the Russian-orchestrated SolarWinds intrusion of federal systems.
“We’ve redoubled our efforts, we’ve fought for dollars internally to get after this problem faster,” McKeown said at C4ISRNET’s CyberCon event.
Commenting on the news, Felipe Duarte, Senior Researcher at secure access company Appgate, says by focusing on Zero Trust, "the Pentagon sends a clear message to cyber-criminals that they are taking cybersecurity seriously".
“The SolarWinds' attack revealed how lots of organisations, including government ones, are vulnerable to supply-chain attacks, and that after an initial breach, there aren't enough barriers in current infrastructures to stop the threats from spreading, he said. "The Kaseya attack was another example, where attackers managed to infect lots of Kaseya customers attacking the VSA application. After the attackers get access through any trusted application, they can easily navigate through the network.
"Zero Trust then becomes the natural solution for that. Only by segmenting the networks and assuming all connections can be compromised you can detect an intruder in your network. ZeroTrust needs to be implemented in the core infrastructure, you must profile any device trying to connect in your network, use multi-factor authentication to ensure credentials are not compromised, segment networks creating isolated perimeters, and, most important, only provide access to what a user or a system needs to," he adds.
"This, along with Biden's memo published earlier this year, should be a wake-up-call to all organisations that haven't adopted Zero Trust yet. The best way to contain the damage from a Ransomware or a Spyware attack is to implement Zero Trust.”