Page 48 - FCW, November/December 2021
P. 48
48
November/December 2021 FCW.COM
WT Executive Perspectives Cybersecurity challenges
fuel adoption of zero trust
Executives talk strategy as the targets and the frequency of cyberattacks continue to expand
BY NICK WAKEMAN
The need to strengthen the government’s and the private sector’s cybersecurity posture is a no-brainer, but that doesn’t make it an easy proposition.
At a recent Washington Technology Executive Perspectives roundtable, industry leaders said the threats in today’s cybersecurity landscape are well known, but the frequency of attacks and the number of targets continue to grow.
They are cautiously optimistic about President Joe Biden’s Executive Order on Improving the Nation’s Cybersecurity and its support for
concepts such as zero trust. They referred to the executive order as laying a foundation for progress, but they also made it clear that there is no endpoint and no moment when constant vigilance will no longer be necessary.
The discussion was part of a series of roundtables that Washington Technology has been conducting with industry executives throughout the year. The discussion was on the record, but we operated under the Chatham House Rule that executives’ comments would not be attributed to them or their companies. See page 49 for the list of participants.
There have also been attacks on hospitals, another direct impact that can’t be ignored, one participant said, and another added that “people are being attacked now who were never attacked before.”
The wider attacks are indicative of our growing dependence on data, and threat actors are eager to exploit that dependence. “This is just the begin- ning,” one executive said.
“We’re seeing a broader spectrum of targets that haven’t been targeted before, and there is a lack of knowl- edge because prior to today they weren’t seen as a target,” another par- ticipant said.
Fortunately, CIOs and chief infor- mation security officers don’t have to convince leaders on the business side of operations that cybersecurity is important, and there are no longer concerns that enhanced security will slow down operations. “Now it is a true business problem,” an executive said.
Beyond castle-and-
moat protection
The conversation turned to solutions, especially given how the nature of IT has changed. The rise in remote work and the proliferation of internet-of-things devices and sensors have greatly expand- ed the attack surface for hackers.
That’s why the concept of zero trust is gaining traction as a way to protect the enterprise. “It isn’t new thinking,” one participant said. “It’s the idea that
Cybersecurity: ‘A true
business problem’
Our previous Executive Perspectives
focused on innovation and culture, digi-
tal transformation, and the future of the
workforce. To kick off the cybersecu-
rity discussion, we started with a simple
question: How has the state of cyber- security changed in the past decade?
Several executives said the type of attacks hasn’t changed significantly, and even those conducted by nation- state actors, which have increased con- siderably, have been around for more than a decade.
“But we’ve seen an incredible increase in scale, and the threats are touching a wider swath of industry, gov- ernment and individuals,” one execu- tive said. The attack on U.S. elections
is a prime example of the expansion of targets. “We hadn’t seen that prior to 2016,” the executive added.
Participants also noted that attack- ers, particularly nation-state actors, have become less concerned about being exposed. Today’s bad actors possess an unprecedented brazenness.
The growth of targets brings wider recognition of the vulnerabilities we all face. Cyberattacks have made headlines for years, and breaches are so common now that they’re old news, one execu- tive said. But this year’s ransomware attack on Colonial Pipeline represented a new level of threat.
“Gas prices went up because some- thing happened,” that executive said. “People saw that it was affecting their day-to-day lives. That’s significant.”