Cyber Defense eMagazine February Edition for 2023
Cyber Defense eMagazine February Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Cyber Defense eMagazine February Edition for 2023 #CDM #CYBERDEFENSEMAG @CyberDefenseMag by @Miliefsky a world-renowned cyber security expert and the Publisher of Cyber Defense Magazine as part of the Cyber Defense Media Group as well as Yan Ross, Editor-in-Chief and many more writers, partners and supporters who make this an awesome publication! Thank you all and to our readers! OSINT ROCKS! #CDM #CDMG #OSINT #CYBERSECURITY #INFOSEC #BEST #PRACTICES #TIPS #TECHNIQUES
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Zero Trust: Recently, the federal government has started waking up to the prevalence and necessity of<br />
adopting an “assume breach” mentality (the philosophy that even with the best perimeter and detection<br />
and response technologies, breaches will still find a way into our networks) – which will result in a seismic<br />
shift in how agencies defend their operations in <strong>2023</strong>. We can expect to see an increased focus on<br />
implementing more modern containment strategies vs. solely relying on traditional prevention<br />
approaches.<br />
In addition, the federal government has focused more on accelerating and mandating Zero Trust adoption<br />
in the past year – yet agencies are overwhelmed by the sheer volume and complexity of the recent<br />
mandates, directives, and goals that they need to comply with. Moving into <strong>2023</strong>, agencies should<br />
evaluate the progress they’ve made on the different pillars of Zero Trust and dedicate their limited<br />
resources to making progress on all pillars versus getting stuck trying to find a perfect solution <strong>for</strong> each<br />
individual one.<br />
Agencies need to avoid paralysis by analysis. The reality is, no plan is 100 percent perfect – what matters<br />
is making progress. Even incremental, small steps toward implementing Zero Trust plans will contribute<br />
to building resilience to cyberattacks.<br />
Ransomware: With the rise of ransomware-as-a-service, the barrier to entry <strong>for</strong> attackers is low. We can<br />
expect to see smaller-scale bad actors, who wouldn’t normally have the resources to launch cyberattacks<br />
against the U.S. federal government, tapping into these services in <strong>2023</strong>. That’s why it’s all the more<br />
important to support agencies with the in<strong>for</strong>mation and resources they need to build resilience.<br />
Artificial Intelligence (AI): As AI continues to become more mainstream, we are going to see the<br />
technology that is used to enhance efficiency and improve operations also enhance the way bad actors<br />
attack organizations. For example, bad actors can tap AI to develop better quality deep fakes, improve<br />
phishing attacks, and augment existing tactics to better evade detection. As AI gets smarter, agencies<br />
must be prepared <strong>for</strong> attackers to keep pace.<br />
CISA Priorities: CISA’s focus on improving cybersecurity <strong>for</strong> critical infrastructure sectors, K-12 schools,<br />
and the healthcare sector is an important step in the right direction. However, these sectors have outdated<br />
and antiquated IT infrastructure and are largely underfunded and under-resourced. Over the next year,<br />
the focus should be on improving the basics (like implementing widespread two-factor authentication and<br />
Zero Trust Segmentation, <strong>for</strong> example).<br />
And while CISA continues to provide much needed guidance, critical infrastructure and other high-risk<br />
sectors need tangible help (technology tools, software, etc.) to implement solutions that reduce their risk<br />
from inevitable breaches.<br />
<strong>Cyber</strong> Skills Gap: The need <strong>for</strong> a skilled cybersecurity work<strong>for</strong>ce remains top of mind <strong>for</strong> agencies and<br />
industry leaders. As the skills gap persists, federal leaders should seek to enhance collaboration between<br />
agencies to maximize talent. Many agencies – especially smaller ones – simply don’t have the bandwidth,<br />
resources, and expertise to address today’s evolving cyber concerns. Agencies need to get creative to<br />
address some of these challenges. We must use our cyber work<strong>for</strong>ce judiciously.<br />
Moving into <strong>2023</strong>, agency leaders must continue to prioritize cyber progress and improvement, with an<br />
emphasis on building cyber resilience from the inside out. It’s clear that maintaining the status quo means<br />
<strong>Cyber</strong> <strong>Defense</strong> <strong>eMagazine</strong> – <strong>February</strong> <strong>2023</strong> <strong>Edition</strong> 112<br />
Copyright © <strong>2023</strong>, <strong>Cyber</strong> <strong>Defense</strong> Magazine. All rights reserved worldwide.