



























By: Tom Guarente, vice president of external and government affairs, Armis
Recently, I was privileged to sit down with a high-ranking member of a key oversight committee who asked me what actions I thought Congress should take to address some of the country’s biggest cybersecurity challenges. I suggested they should begin by conducting a hearing that would publicly bring many of these challenges to light.
I was somewhat taken aback – but not necessarily surprised – by the response. I was told the committee had an IT modernization hearing scheduled next, but would hold a cybersecurity hearing in the months ahead.
That exchange captured the essence of the challenge we face in improving cybersecurity within the federal government. By viewing cybersecurity issues as separate from technology modernization, we are missing an opportunity to address the issue more effectively by integrating the two.
The federal government needs a new mindset to ensure that IT modernization proceeds with cybersecurity as a key ingredient, not an afterthought. Agencies must think beyond IT and bake cybersecurity into their program requirements from the onset. The government cannot continue down yesterday’s path of addressing modernization with cybersecurity merely being an afterthought or “check box” item.
Solicitations from many agencies at times may bake cybersecurity into their modernization programs, but tend to address yesterday’s needs and requirements, leaving out the critical nature of a growing threat surface with converged technologies.
The upcoming program to modernize the National Air Traffic Control System and improve and secure the nation’s airport/transportation infrastructure can serve as a model for this new approach. The Federal Aviation Administration (FAA) should ensure that cybersecurity is integrated into its overall modernization plans from the start. This involves ensuring the security of an infrastructure that goes well beyond traditional managed assets, such as IT, and now includes a myriad of devices (cameras, scanners, automated doors, etc.).
Doing so is critical given the urgency of ensuring safe air travel, and failure to do so could literally result in the loss of life. Here are four steps the government can take to move in this direction:
Government modernization should proceed with cybersecurity as a key ingredient, not an afterthought. The FAA and other agencies have an opportunity to serve as an example on how to do this correctly by thinking beyond IT and baking cybersecurity into their program requirements with real-time solutions that quickly identify and counter risks to their environments.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。