Once again, we find ourselves at that stage in the political cycle when the new administration is taking office. That means a revised look at everything — from the economy, to the markets, to the health of our industries. And an evaluation of how effectively we’re protecting all of the above.
It is no surprise that cybersecurity is top of mind due to several recent high-profile breaches, many of which were mentioned in our end-of-the-year wrap-up.
Perhaps no cybersecurity events were as disturbing as those surrounding the 2016 election. It turns out that many of these attacks would have been thwarted if US agencies and organizations implemented the right technologies such as multi-factor authentication and carefully followed a set of best practices such as least privilege. Organizations know what has to be done, they’re just having trouble doing it.
99% of the Regulations We Need are in Place
The truth is, we have virtually all the guidance, rules and regulations we need for both the private and public sector to effectively protect against cyberattacks. The problem is that those security measures have not been widely implemented. Nearly every day we talk to agencies and businesses that are trying to adhere to regulations like HSPD-12, which was enacted by President George W. Bush in mid-2004 — nearly 13 years ago.
If the new administration wants to batten down the proverbial hatches, it should start by assisting public and private organizations in their efforts to adhere to existing regulations and best practices. It’s not as simple as it sounds. Different companies require very different infrastructures and it’s not always clear how a regulation might be met inside an individual environment. One size doesn’t necessarily fit all.
Centrify: Co-chair of the 2017 ICIT Winter Summit
In an effort to educate and provide guidance on how companies can meet government-mandated requirements, Centrify has taken the role of co-chair at today’s 2017 ICIT Winter Summit in Arlington, Virginia. The Institute for Critical Infrastructure Technology (ICIT) is a highly reputable and trusted organization whose research is used by critical infrastructure operators around the globe. The organization also provides guidance for the Senate, House and a number of intelligence agencies.
The 2017 ICIT Winter Summit will include executive briefings, expert panels and agency spotlight programs to help strengthen the critical infrastructure community, improve the cybersecurity and resiliency of networks and increase the impact of investments and policy efforts.
Speakers will include General Michael Hayden, former Director of the NSA and CIA; Pete Kim, CISO of the U.S. Air Force; and Robert Klopp, CIO & Deputy Commissioner at the Social Security Administration. The line-up is impressive, and I expect a lot of very valuable information will be shared. I am honored to join these distinguished speakers as one of the keynote speakers.
ICIT 2017 Winter Summit: Learning through Collaboration
Many different regulations have been issued by many different organizations. When a different set of rules are implemented, the emphasis is typically on comprehensive protection -- and not what other agencies might have already enacted. And that can be very confusing.
In order to address this issue and help attendees understand how to adhere to regulations inside their specific infrastructures, we’re providing a collaborative learning environment on a variety of topics at this year’s ICIT. A panel of subject matter experts will kick off the material, followed by round-table sessions where, rather than sit and be lectured at, attendees actively participate to identify solutions to their real-world challenges.
And because regulations often require clarification, we’ve populated the presentations, panels and break-out sessions with members of the various agencies that can help attendees to clarify the language within, understand the intent behind them and ultimately help to devise a strategy to meet them.
My hope is that Centrify can play a key role in helping public and private organizations to adhere to the regulations that have been devised to protect them. If it wasn’t obvious before, it’s now clear that it’s time to recognize the importance of cybersecurity and the need to safeguard our nation. Centrify is ready to do its part. One infrastructure at a time.
Learn about federal compliance solutions here.