In a post-pandemic world, the security landscape has become incredibly complex. We’re now more digitally connected than ever in both our private and professional lives. More technologies are popping onto the scene and enterprises are accelerating digital transformation to meet the demands of an increasingly sophisticated business ecosystem. An example of this acceleration is seen in a McKinsey survey that found that artificial intelligence (AI) technologies could deliver up to $1 trillion of additional value each year in the finance and banking industry.
While trends like digital transformation and hybrid work come with their benefits, they are a double-edged sword, according to Eric Goldstein, assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA).
In an interview with VentureBeat at CyberWeek 2022, Goldstein clarified that the rise of mobile computing, especially among enterprise users, presents a security threat that security professionals need to put at the forefront. According to Goldstein, IT leaders must answer critical questions like: How do we secure our mobile endpoints and drive down attack surfaces for our adversaries, even as we transition to digital?
A clear recommendation is to put security top of mind through the entire security cycle, said Goldstein, who added that organizations, including small and medium businesses (SMBs), must consider moving applications and workloads into a cloud environment. Moving processes to the cloud will help to protect endpoints, he noted. But the war against adversaries cannot be fought alone, with Goldstein reinforcing the need for international collaborations.
“Partnership as the foundational construct of our work is something that you will see reflected throughout today’s conversation,” he said.
Cybersecurity threat actors aren’t constrained by borders
With the knowledge that cybersecurity threat actors are not constrained by borders or geographical locations, CISA recently announced the opening of its London attaché office, alongside several other international collaborations. On the heels of these developments, CISA intends to advance its four international strategic goals, which are to:
- Advance operational cooperation
- Build partner capacity
- Strengthen collaboration through stakeholder engagement and outreach
- Shape the global policy ecosystem
As Goldstein puts it, international collaboration is absolutely critical, for a few reasons.
“First of all, we know that it is the same adversaries we all are facing, whether they’re nation-states or criminal groups, who are targeting entities throughout the world. And so, there’s no country that is uniquely targeted by a given actor,” he said.
Goldstein further noted that the more we can collaborate internationally around cybersecurity threats, vulnerabilities and the practices to reduce both, the more effective we’ll be in getting ahead of adversaries.
While Goldstein acknowledged that vulnerabilities won’t go away as a result of the collaborations, he believes they will help to bring together like-minded governments to solve the issues as they arise.
“More broadly, we also know that just looking at today’s threats and vulnerabilities isn’t going to get us out of this challenge. So, we need to move to a world where security is more — where technology is more secure and resilient by design. And the only way we’ll do that is by coming together as a global community around the sort of standards of design principles that are going to lead us to the next generation of technology that are both secure, resilient and also have democratic values baked in. [We must ensure that] we are respecting privacy, building an access point in freedom of communication, and we have to do that among like-minded governments.”
Agreeing with Goldstein was Chris Inglis, national cyber director, Office of the President, White House, who noted that we need security by design and a collective, collaborative defense.
“There are things that we can do together that no one of us can do alone. [When we collaborate], you can’t beat one of us without beating all of us,” he said.
Stemming the tide of adversaries
A report by Sophos [subscription required] revealed 60% of organizations were victims of ransomware attacks last year. This is one of the ugly sides of digital transformation and its continued stride across the enterprise. However, CISA is all about stemming the tide of adversarial activity. Not too long ago, the agency warned about the Log4Shell vulnerability in VMware Horizon and Unified Access Gateway (UAG).
Gartner predicts mobile usage will rise to a high of 470 million units in use in 2022; the risk it presents to data security can be mitigated by rethinking multifactor authentication. According to Goldstein, “if there’s one thing that organizations — whether they are building or using applications — should be doing, it’s ensuring they have multifactor authentication (MFA), not just built-in but turned on by default.” He said there’s so much evidence now that MFA is the most effective control against most cyber intrusions and cyberattacks.
While Goldstein acknowledged that part of the challenge of cybersecurity is understanding where to put the next security dollar, he reiterated that building a collective front through international collaborations is the key to stopping adversaries dead in their tracks. And he envisions a future where applications not only have MFA built in, so they don’t use usernames or passwords, but that the MFA functionality isn’t optional – it’s required. “Or, if it’s optional, it’s ‘opt-out,’ not ‘opt-in,’” he said. “[Global] collaborations are essential to creating this type of world.”