One Article Review
| Source |  Anomali |
|---|---|
| Identifiant | 3172427 |
| Date de publication | 2021-08-03 21:45:00 (vue: 2021-08-04 16:05:30) |
| Titre | Answering the Executive Order with Cyber Resilience |
| Texte | Co-written with Jason Burosh As noted previously, President Biden recently signed an Executive Order to improve America's cybersecurity in the wake of major cyberattacks, such as SolarWinds. Although this Executive Order only applies to the federal government and federal government systems. It can also be applied to thousands of government contractors that provide IT goods and services to the US government. The first two sections highlight the need to prioritize detection and response capabilities while sharing threat intelligence. To summarize: Section 1 of the Executive Order covers the Administration’s policy that the prevention, detection, assessment and remediation of cyber incidents is a top priority and essential to national and economic security. You can read more here. Section 2 discusses the need to share threat information about the incidents they suffer with the federal government, as well as collect and preserve data that could aid threat detection, investigation and response, highligted by: “The Executive Order ensures that IT Service Providers are able to share information with the government and requires them to share certain breach information. IT providers are often hesitant or unable to voluntarily share information about a compromise. Sometimes this can be due to contractual obligations; in other cases, providers simply may be hesitant to share information about their own security breaches. Removing any contractual barriers and requiring providers to share breach information that could impact Government networks is necessary to enable more effective defenses of Federal departments, and to improve the Nation's cybersecurity as a whole.” You can find out more info by reading the FACT SHEET The Paradigm Shift Historically, organizations have not shared threat information from the incidents they've suffered. Why? No organization wants to share bad news, especially when it comes to their cybersecurity capabilities. They risk damaging their reputation, losing their customers' trust, and making it seem like they wasted money on their current cybersecurity tools if they share information about incidents that they have suffered. With this Executive Order, the federal government is creating a central authority to collect this threat information and share it publicly. But this approach will work only if organizations step up and rapidly share their incident information. Before we share information as an industry, organizations need to break down their own silos as well. Most enterprises have dozens of cybersecurity tools deployed and access to mass volumes of related information. Despite this, many continue to fall victim to attackers who have figured out how to slip through holes that disparate systems and siloed data leave open. By breaking barriers between security information silos and functions, organizations can unify key processes and close significant gaps between detection and response capabilities. To eliminate barriers and build bridges, organizations need to focus on joining threat intelligence and defensive operations internally to effectively share what's needed to win the war against cyber attackers. Becoming Cyber Resilient While we have a long way to go until the Executive Order comes into fruition, we at Anomali believe strengthening cybersecurity begins with cyber resilience. To achieve a state of resilience, organizations need to elevate their security posture by taking a holistic approach to cybersecurity with a security strate |
| Envoyé | Oui |
| Condensat | “the able about access accuracy accurate accurately achieve across actionable active activity actor administration’s after against agencies aid alerts allows also although america's analysts anomali anomali’s answering any applied applies approach are assessment attack attackers attacks authority automated automating automation bad barriers become becoming been before begins believe between beyond biden big breach breaches break breaking bridges build burosh but by: can capabilities capability cases cause central certain changing cisos close collaboration collect comes committed compromise constantly contact continue continuously contractors contractual cost costly could coverage covers created creating critical cultivate curated current customers' cyber cyberattacks cybersecurity damaging data decisions defend defenses defensive deliver departments deployed despite detect detecting detection determine direction discusses disparate down dozens due economic ecosystems effective effectively efficiency efforts elevate eliminate eliminates enable enables enabling enhances enrichments ensures enterprises environment especially essential ever evolves executive expired external fact fall false fast federal fidelity figured find fingertips first focus from fruition fueled functions future gaps giving global goods government have help helping helps here hesitant highlight highligted historical historically holes holistic how human identified identify immediately impact impacted improve improving inability incident incidents includes increase increased indicators industry info information informed insufficient integrated integrates intelligence internal internally investigate investigation investigations its jason joining key knowledge known lack landscape learn learning leave leverage leverages like long losing machine major make makes making management many mass matters may meet model money monitor more most nation's national necessary need needed networks new news not noted objectives obligations; often only open operationalize operations optimized order organization organizations other out own paradigm partners peers perform pinpoint policy positives posture potential power precision preserve president prevention previously prioritize priority process processes protect provide providers provides provides: providing publicly quick quickly rapidly read reading reasons recently reduces redundant related relevance relevancy relevant remediation removing reputation required requires requiring resilience resilient respond response riddled risk risks root scale score seamless seconds section sections secure security seem send service services share shared sharing sheet shift signed significant siloed silos simply skills slip solarwinds some sometimes sophisticated state step strategies strategy strengthening such suffer suffered summarize: suppliers systems takes taking team teams that: them they've thousands threat threats through today today’s tools top trends trust two unable under understand unify until used useless victim visibility visualization volumes voluntarily wake wants war wasted way well what what's when who whole why will win work workflow written wrong you’ve your |
| Tags | Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.