For the Federal Bureau of Investigations (FBI), cybersecurity is a must. With an abundance of confidential information housed on their networks, security is a top priority. At the recent Mission to Modernize conference, Manny Castillo, Senior Leader of Information Security at the FBI, explained how the agency confronts the cyber challenge.
With data coming from all over the world, securing their systems at every level is key. “There are three things when you look at – what do I need to do to prevent the FBI from a cyberattack?” said Castillo.
From procedures and visibility to awareness, there are a number of factors that go into building the agency’s cyber readiness plan. “Every organization needs to assume that a data breach is going to happen,” said Matt Shelton, FireEye’s Director of Technology Risk and Threat Intelligence. “Organizations need to develop a good incident response plan that lays out the steps necessary for responding to a breach from either an insider or an outsider, and you need to test it.”
This is exactly what the FBI does to ensure the safety of their data. “You have to have some type of way, a cybersecurity strategy, whatever you want to call it – what is the plan of attack when someone is attacking you?” said Castillo. For the FBI, their working cyber plan has evolved over time with attempted attacks and the results thereafter.
For any agency looking to implement a cyber plan, Castillo recommends looking over procedures, network visibility, and staff awareness of both policies and systems. “When it comes to awareness, what do you have that you need to protect?” said Castillo. Knowing how many systems you have, what is running, and how it needs to be secured is just the beginning. “This is your attack surface.”
The overall goal is to minimize the attack surface and one way to do this is to understand your network. “When it comes to visibility, you need to have a really good look into your network,” he said. With solutions like artificial intelligence, for example, you need to know what is running and where.
Lastly, staff need to be a part of your cyber plan. Going over procedures, rehearsing the action steps, and educating people once the plan is in place is just as important as the plan itself. “Education is the best way to prevent attacks,” said Shelton. “But outside of that, I believe that the best way to address an unintentional threat is a good Defense in Depth strategy. It’s basically having multiple different security controls that overlap with each other.”
With any cyber readiness plan, the goal is quick detection and rapid response. After all, “you have to know what you have, or how else are you going to protect it?” said Castillo.
To learn more about creating a cyber readiness plan, subscribe today.
