Looking retired for the American radical and his teammates is thing Rick Diggers has committed himself to since the infinitesimal helium turned 18.
Guest Contributor / 30 Oct 2022 • 4 min read
After enlisting successful the U.S. equipped forces consecutive retired of precocious schoolhouse and choosing the challenging way of a Combat Controller, Diggers went connected to beryllium a cardinal subordinate successful mounting up the Department of Homeland Security’s postulation absorption apparatus. From there, helium moved to the CISA for 15+ years, performed cardinal positions with the U.S. aerial force, and is present the Critical Infrastructure Cyber Lead astatine Accenture Federal Services.
Rick Diggers successful his aboriginal days successful the U.S Armed ForcesDriggers worked with federal, state, and section offices to recognize the information posture of America’s infrastructure, astir of which operates connected bequest exertion that was ne'er initially intended to beryllium connected to online networks. Securing these infrastructures has taken time, and the manufacture is opening to consciousness the momentum. “If I'm looking astatine an organization’s cybersecurity posture done a maturity and a readiness lens, that truly allows maine the flexibility to marque adjustments based connected emerging threats and risk,” said Diggers, “That's a batch amended than, you know, playing whack a mole with vulnerabilities, which unluckily a batch of organizations do.”
When drilling down into what makes the agile and cybersecurity mindset possible, Driggers says it comes down to people, process, and technology, not conscionable tech operating connected its own– and that’s lone 1 of the 3 apical challenges to securing organizations.
3 Top Challenges organizational cybersecurity challenges
Diggers speaking astatine the CyberTech Europe 2022 conferenceToday’s cybersecurity gaps are particularly challenging for organizations that spot their systems and operations taken offline. When moving with governmental organizations, a hack whitethorn spell beyond ransomware to exposing the idiosyncratic accusation of a idiosyncratic of involvement oregon adjacent authorities secrets.
When the stakes are truthful high, it becomes a squad effort to guarantee that specified important information is lone accessed by authorized users. To execute this, organizations should absorption connected the following:
Culture
From the start, it’s important to admit that securing IT networks and OT (Operational Technology) networks are not the same. While IT practitioners are often focused connected securing backstage data, OT cybersecurity professionals are much focused connected operational uptime and availability. They person antithetic problems to tackle and attack them from antithetic angles.
Executives indispensable admit this and promote opportunities for them to collaborate connected sorting organizational problems successful a mode that allows them to amended recognize 1 another.
People, process, and policy
Working towards a communal extremity demands that each squad subordinate is successful a relation that is successful enactment with their skills. Employees should beryllium successful the close spot astatine the close time, capable to recognize challenges and enactment connected them accordingly, without having irrelevant decision-makers holding things back.
Visibility
Streamlining processes demands a wide knowing of what each section and squad subordinate does, successful bid to let them to enactment arsenic efficiently arsenic imaginable portion creating opportunities to admit their ain cybersecurity vulnerabilities. In addition, this creates opportunities for teams to trim duplicated efforts.
“I deliberation gaining visibility goes a agelong mode to helping negociate galore method aspects. That'll assistance escaped up resources to use to existent information practices to trim risk,” said Driggers. “In my mind, it truly each starts with visibility. If you can't spot it, you can't support it.”
Protecting infrastructure into the future
Rick Diggers connected C-SPAN erstwhile moving for Homeland SecurityThe archetypal measurement successful securing immoderate portion of exertion is by having cybersecurity beryllium portion of aboriginal development, not an afterthought wherever discovered vulnerabilities whitethorn marque a instrumentality insecure, oregon adjacent unusable.
For example, the committedness held by 5G exertion and being capable to link fleets of devices to cellular networks increases onslaught surfaces to unprecedented levels. How bash we unafraid these spaces connected specified a wide scale? “Future information challenges successful this space, peculiarly arsenic it applies to the improvement of caller oregon existing captious infrastructure, is to continuously germinate our information solutions to not lone guarantee the integrity, reliability, and information of each of these connected technologies, but we besides request to guarantee the information and privateness of our people,” said Driggers.
A ample portion of that is the Biden administration’s enforcement bid 14028, which laid the groundwork for the cybersecurity documentation and yet overmuch of the advancement that we are seeing contiguous with Software Bill of Material (SBOM) documentation. What’s more, is that it was each done from a proviso concatenation perspective– not lone for bundle proviso chains but besides for bundle improvement environments. It gives guidance connected connection and wide hazard guidance to manufacturers connected however to talk with their customers.
To execute this, SBOMs are captious successful identifying imaginable vulnerabilities, gaining insights into mitigation techniques, and securing organizations successful an organized manner. Ultimately, the greater visibility and connection astir imaginable threats that beryllium wrong an organization's culture, whether it beryllium done meetings oregon documentation, the much unafraid it volition be.
Click here to perceive to the afloat episode.
Written by David Leichner (CMO), Shlomi Ashkenazy (Head of Brand) and Rafi Spiewak (Director of Content) astatine Cybellum
Subscribe to Geektime
Get the latest posts delivered close to your inbox
Great! Check your inbox and click the nexus to corroborate your subscription.
Please participate a valid email address!
Tags
/cdn.vox-cdn.com/uploads/chorus_asset/file/24020034/226270_iPHONE_14_PHO_akrales_0595.jpg)
English (US)