For many agencies, achieving cyber resiliency isn’t a matter of buying the latest and greatest technology. It’s not a matter of jumping on the zero trust — or any other — bandwagon.
It all comes to down to process, said Juliana Vida, group vice president and chief strategy advisor for public sector at Splunk.
“Probably one of the single most effective process changes that agencies can do is for people to get over themselves and change their mindset. The world today is not the world 10 years ago — around cyber or technology. It’s not the world five years ago. But really, when you look inside government agencies who are traditionally very hierarchical and very stove piped, that is not the world today,” Vida said during Federal News Network’s Cyber Leaders Exchange 2023. “We only have to look at global companies or 24-hour news cycle to see that everything just meshes together, and that has to include internal agency communications, training, policies and politics.”
Agencies that can remove internal barriers are going to be more successful with the technology, with breaking down silos and with sharing information with one another, Vida said.
The good news is the White House’s Implementation Plan for the National Cybersecurity Strategy and its zero trust guidance are driving just such a change in mindset.
Vida said it’s clear from discussions happening across the federal community that a mindset shift is taking hold at all levels of government.
“The vast majority of organizations are in a position of taking the first step to being offensive instead of defensive. I’ve seen that more and more, where companies are offering support to do that,” she said. “At Splunk, we call this surge — we have a surge team. Other companies do it too. In this case, it helps everybody by moving the ball down the field faster for us to get in and talk with agencies about ‘OK, now you have lived through that potential crisis. Let’s help you position yourselves to be more resilient for the next time because there will be a next time.’ Now, it’s an easier conversation to have.”
Workforce cyber training more important than ever
The second way to change mindset and increase resiliency is through the workforce.
Vida said agencies face a workforce skill set shortage, making the investment in training current and future employees more important than ever.
A retired Navy officer, Vida compared the workforce effort today to the battlefield where the Defense Department must prepare for the battles of today and the technology of tomorrow.
“With some of the advanced technology that agencies have in their environment, they have very few people who are skilled in knowing how to use it,” she said. “It’s a people, process and technology theme that I am seeing more agency leaders talk about and investing in. It’s going to make all the difference when they finally get that triad in place with all three pieces.”
Workforce education must include more than just cyber and technology employees, Vida said, adding that every employee should understand why security is important.
“I’ve used this example before, but it remains relevant, and that’s this notion of electricity. At the turn of the century when everybody was getting electricity in their homes and businesses, people didn’t really understand it. But today, we all know, even though you’re not an electrician or an electrical engineer, the dangers of sticking your finger in the plug because we know it’ll hurt us. We’ve been indoctrinated from when we were young to be careful with electricity,” she said.
The same should be true about technology and cybersecurity. “We are at that point where every single person needs to understand the power and the risks of having their hands on those keyboards and having access to data,” Vida said.
And the advent and the proliferation of generative artificial intelligence has only raised the stakes. “The sooner leaders can take advantage of this opportunity while people are paying attention to data, AI and things like that and educate more people, the faster they’ll be able to provide real resilience for their agencies,” Vida said.
Getting the most from current cyber tools
Another big piece to improving resiliency for many agencies is to take advantage of the security technology they have in place already.
Too often, agencies use a small percentage of the capabilities of their current tools, meaning they are missing opportunities to keep adversaries at bay, she said.
“Often, they haven’t turned on the features that can protect them from a lot of the threats that are coming in. This is where the actual partnership with the agency and your industry team, who know the products and the tools that you have, is important,” Vida advised, suggesting that agencies discuss how to get more value out of the investments they’ve already made.
In its conversations with customers, Splunk often found that agencies didn’t know about some advanced capabilities that were available to them and, once they did, were surprised.
“That’s where they should start: Let’s see how much more juice we can get for the squeeze out of what we have.”