Government Technology Insider

3 Pillars the Department of Defense Needs to Win the Global Cyber War

by Jenna Sindle
May 7, 2019

Introduction

The mission of the Department of Defense (DoD) is perhaps the most daunting of any government agency. To be charged with protecting not only the physical security of the nation and its interests, but also its information architecture and assets in the digital age, is a weighty responsibility.

While the DoD has been victorious in land, sea, and air battles since its inception, protecting and defending an ever-evolving definition of cyberspace and an ever-increasing amount of information from ever-more aggressive adversaries poses some unique challenges. Instead of choosing to go it alone, the DoD has reached out to private sector partners that specialize in cyber defense to devise a battle plan that will enable it to lead the charge and rise victorious in this new theater of warfare.

As Dmitri Alperovitch, CTO of CrowdStrike, noted in his Congressional testimony on this matter, “[t]he Department of Defense (DoD) faces a similar challenge to that of the private sector. The very same threat actors targeting private industry today, to steal intellectual property and sometimes carry out destructive attacks, are trying to break into DoD networks to conduct espionage and degrade our warfighting capabilities.”

Three Steps to Combatting the Enemy

So, what did Alperovitch recommend the DoD do to begin to form a battle plan to combat nation-state threats from the likes of Russia, North Korea, Iran, and China?

  1. Threat Hunting

According to Alperovitch, the DoD needs to pivot from cyber hygiene – activities like patching, building an asset inventory, or implementing controls – to focus on threat hunting. Hunting adversaries stops foreign intelligence and military organizations from breaking into networks. “[G]ood cyber hygiene will not stop determined GRU or PLA cyber actors – just as having locks on the door of your house would not stop Navy Seals from getting in if they have a mission to do so,” he shared with members of Congress.

Hunting is a specific activity for Alperovitch. “Hunting is assuming that adversaries are in your network and proactively searching for them by looking across your assets for indicators of malicious activity. Simply investigating alerts generated by security tools is not hunting,” he emphasized. While threat hunting might sound labor-intensive, there are tools that not only hunt for adversaries on a 24×7 basis but also do so across millions of machines around the world. This is something Alperovitch cast as ‘low hanging fruit’ for the DoD, since it can be ramped up without an enormous personnel mobilization effort.

  2. Leverage the Cloud

While “the cloud” is often held up as the panacea for organizations looking to modernize their IT infrastructure, in this instance, it really is. Alperovitch shared examples from financial services and other private sector organizations whose legacy infrastructure and complex operating environments rival those of the Department of Defense and yet are making significant progress in combatting threats by using cloud-enabled technologies.

Alperovitch noted that “cloud-enabled technologies work because they flip the asymmetry between offense and defense. Modern security approaches take advantage of cloud resources by recording all computer security-related events in massive cloud-based data stores and perform advanced analytics and forensics on that data to uncover subtle adversary activity. Tracking trillions of events provides rich context for identifying suspicious patterns. What is more, once a threat is identified in one part of the network, cloud-based security technologies allow instantaneous distribution of protection against it, across the entire ecosystem. With millions of endpoints under management, DoD can leverage cloud systems to turn its scale into a strength, rather than a challenge.”

  3. Follow the Rule, the 1-10-60 Rule

To win the battle in cyberspace, speed is the critical factor; the only way to beat an adversary is by being faster than them. As part of his work at CrowdStrike, Alperovitch developed a model called the 1-10-60 rule. In short, the rule outlines the timeframe that an organization needs to meet to detect, investigate, and remediate a threat. “The very best private-sector companies we work with [at CrowdStrike] strive to detect an intrusion on average within 1 minute, investigate it within 10 minutes, and isolate it, or remediate the problem, within 1 hour.”

Alperovitch assured the nation’s legislative and military leaders that while this might sound impossible, it is in fact a routine response for the best private sector organizations. What’s also important about the 1-10-60 approach is that it doesn’t rely on preventing the initial compromise, but on preventing the adversary from establishing a beachhead within the network and, therefore, from achieving their objective. And for Alperovitch, this is in fact a better definition of preventing the breach.

Conclusion

In the end, the Department of Defense has no option but to prevail in its new mission to secure, protect, and defend its new generation of prime assets. While there are definitely obstacles to be overcome, in the form of talent recruitment, legacy infrastructure, and an unyielding adversary base, Alperovitch is confident that it’s more than equal to the challenge. By focusing on concepts – threat hunting and the 1-10-60 rule – over purely technology-based solutions, he has provided a framework that can transcend the evolution of tools and solutions and adapt to whatever threat environment defines the future. And, as the CrowdStrike CTO noted at the end of his testimony, “[t]he result will be strong accountability and better defense.”
