27 Aug 2019
When it comes to setting new standards in the world of cybersecurity, teamwork has proven itself to be invaluable. From private companies to foreign allies, U.S. lawmakers are pushing for cooperation in creating decisive policies to address some of cybersecurity’s biggest dilemmas, including baseline standards for connected devices, 5G, and incident response. Jason Boswell, head of security for North American network product solutions at Ericsson, spoke out to praise the Department of Homeland Security and other federal agencies for focusing on collaborative solutions. “I’ve been in this industry for over two decades,” Boswell said, “and the work that has happened in just [the past few years] has been happening at light speed between the government and industry sectors.” He went on to point out examples such as the ICT Supply Chain Task Force and outreach efforts by NIST to various industry groups.
Benefits On Both SidesWhile federal cybersecurity initiatives such as the Cybersecurity and Infrastructure Security Agency have long since understood that the private and public sectors are linked by IT supply chains and “ecosystems,” they still lack the power to impose cybersecurity standards on private companies. Meanwhile, these private companies are starting to realize that they may be outgunned in the struggle to protect themselves from outsiders and sophisticated hacks. These circumstances have given way to a partnership in which companies work to adopt industry standards in exchange for technical resources, information sharing, and participation in federal initiatives like the ICT task force. Chris Krebs, director of CISA, cites the recently established National Risk Management Center as the epitome of this partnership model. “The concept,” he explains, “was to bring together the entirety of the federal government, whether it’s civilian agencies, the intelligence community, technical agencies, the Department of Defense, everyone together [to engage] the private sector on managing risk.” This approach has the potential to make a difference on a larger scale as well. According to Rob Strayer, deputy assistant secretary for cyber and international communications and information policy at the Department of State, the U.S. hopes to build a coalition of “like-minded governments” to respond to malicious foreign and criminal cyber attacks. If such a coalition is developed, it has the potential to make a real impact by responding to outsider threats with economic, diplomatic, and other sanctions. Strayer believes that the U.S.’s prominence as a leader in commercial cybersecurity technology will also play a role in advising allies on how to safely share their information.
Building PartnershipsThe U.S. government may be going above and beyond to set an international standard for cybersecurity, but when it comes to your organization, will you do the same? Our Red Team Assessment is designed to provide a comprehensive evaluation against current, real-world threats in one virtual assessment process. This service will evaluate all levels of your organization, including:
- Penetration Testing (internal and external)
- Social Engineering/Phishing Attacks (by phone, email, and in-person; we take this to the next level by attempting an actual breach of your network)
- Physical Access (perimeter sweep, building access, secure interior room access)
- Black Box (planting rogue remote-access devices in the production network)
- Secure Document Disposal (secure/common waste disposal, dumpster inspection)
- Wireless (forged authentication, encryption testing, device spoofing)