Emergent threats to the federal cyber community in 2023

The last year has been transformative for federal cybersecurity. Amid the ongoing government wide initiative to achieve zero-trust, all agencies strove to bolst...

The last year has been transformative for federal cybersecurity. Amid the ongoing government wide initiative to achieve zero-trust, all agencies strove to bolster their defenses. On the other hand, adversaries continued to advance malicious cyber efforts.

Cybersecurity is too often a reactive practice. The reactive nature of cybersecurity is somewhat inherent given best practices must continually adapt and mature to keep pace with the evolution of threat actors. However, when disparate organizations share insights on emerging, observable trends, the entire community can proactively defend against the latest types of cyberattacks.

With a new national cybersecurity strategy forthcoming, now is the time to reflect on current strategies and prepare for the cyber landscape of tomorrow. The entire cybersecurity community, public and private sector alike, should work in harmony toward a common goal: the security of our nation’s digital assets and critical infrastructure.

Expect an emphasis on identity

In the spirit of proactivity and collaboration, it’s imperative to share data-driven predictions on the state of cybersecurity in 2023.

The abuse of identity and credentials is a prevalent and well-known threat vector. Organizations frequently utilize multi-factor authentication to prevent malicious actors from impersonating authorized users. However, as threat actors continue to mature, agencies should prepare for MFA to falter in 2023. Cybercriminals are beginning to target and successfully bypass MFA strategies and exploit push notifications. Subsequently, organizations can expect to see the emergence of MFA tools that use biometrics or FIDO2-compliant technologies.

Privileged access management (PAM) solutions can also strengthen an agency’s identity security practices. PAM works by exerting control over privileges, applications, and remote access pathways. Such controls are critical to ensure consistent network visibility, accountability and auditability, particularly in an environment where MFA is fallible.

The January 2022 memorandum that outlines a federal zero trust architecture strategy underscores the importance of strong enterprise identity and access controls. Additionally, it describes PAM as “an important tool for improving the security of high privilege systems.” The same memo acknowledges that safeguarding the nation’s critical infrastructure is one of the factors driving zero trust initiatives.

Critical infrastructure vulnerabilities mount

While all IT systems are susceptible to remote threats and identity related vulnerabilities, 2023 will witness an increase in attack vectors for operational technology (OT). Historically, OT systems ran on proprietary protocols and lacked external connectivity. However, the OT landscape is increasingly converging with IT systems to improve their functionality. Despite the benefits of convergence, when OT systems are connected to an IT system, the OT system inherits a myriad of IT vulnerabilities.

This trend is of the utmost importance given that many of the nation’s critical infrastructure systems are dependent upon OT. The threat of such an attack is credible enough to warrant official, repeated warnings from the White House urging the public and private sectors to bolster their cyber defenses immediately. Legislative action to address critical infrastructure vulnerabilities was taken in March 2022 when the Cyber Incident Reporting for Critical Infrastructure Act was signed into law.

While incident reporting is a useful step, it is paramount to be diligent about segmentation and engineering throughout the entire network during convergence. Comprehensive IT protections and secure remote access protocols should be implemented before attaching a network to an OT system, otherwise the converged system will be vulnerable to exploitation that could yield seismic consequences. To address this threat vector, the upcoming National Cybersecurity Strategy (NCS) should establish clear guidelines and procedures for secure convergence.

The new National Cybersecurity Strategy will promote unity

The eagerly anticipated strategy document is expected to appear within a few months; it will be the first NCS since 2018. The NCS’s release will be a pivotal realignment for the public and private cybersecurity sectors. Consistency and alignment will be imperative in 2023 as significant compliance standards, best practices and even security frameworks increasingly contain divergent requirements.

As additional organizations embrace modern technology, zero trust principles, and digital transformation initiatives, these regulatory compliance conflicts will mount. Ideally, the new security strategy will serve as a clear north star to guide cybersecurity practices nationwide, effectively mitigating any confusion or contradictions.

Comprehensive collaboration will be another key component of strategic alignment in the new year. To meet the present cybersecurity challenges, all facets of the IT landscape must share information and resources.

Not only should the private and public sectors strive to work synergistically, but institutions throughout the private sector must form technology alliance partnerships (TAPs). TAPs are mutually beneficially relationships for private industry organizations that facilitate information sharing, but also make public sector procurement easier because agencies can address multiple needs simultaneously without worrying about whether the technology they adopt will integrate successfully.

Government organizations should also look inward to determine what they can do to promote interoperability. A thriving, secure digital future will only materialize if the entire cyber community collaborates to overcome common threats.

To that end, it’s essential to consult with public sector cybersecurity experts before addressing any projected trends for 2023. However, it’s equally important to consistently scan the horizon for emerging threat patterns and vulnerabilities. Malicious actors evolve perpetually, and therefore the cybersecurity industry must do the same.

Josh Brodbent is regional vice president of solutions engineering at BeyondTrust.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories