As governments address digital vulnerabilities, they’re shifting from a reactive to proactive mindset
There’s been so much discussion over the last two years about infrastructure (unsurprisingly, given the American Rescue Plan and the Bipartisan Infrastructure Act) that it’s easy to forget how much focus the federal government has recently placed on cybersecurity.
A few executive orders and laws signed into law by President Joe Biden, like the Executive Order on Improving the Nation’s Cybersecurity, which was enacted in spring of 2021, have fundamentally changed the national perspective on the importance of strong cybersecurity and good digital hygiene. To this point, most of the legislative work has been done at the federal level and doesn’t necessarily impact state and local governments—but that’s changing.
A new law in Louisiana, for example, requires managed service providers doing business with any public-sector entity in the state to register with the Secretary of State’s office. At its core, the effort is an attempt by public organizations to gain more insight into the cyber defenses of organizations that pose a security risk to sensitive information before anything bad happens—this represents an important evolution, according to Craig McCullough, senior vice president of public sector at Riverbed Technology, a California-based tech company. Among other requirements, the Louisiana law requires agencies to report breaches within 24 hours. He expects other states will soon follow.
“It seems like they have a very proactive approach to that, where other states have a reactive approach,” McCullough said. “State and local governments, especially because of the pandemic, are now realizing they are not immune from not only cyber attacks, but threats that come as a result of attacks on someone else who they might be connected with.”
On a micro level, this perspective shift from reactive to proactive action is taking place in cities and counties across the United States, and at all levels of operation.
Practically, this change is being driven by technological innovation. A decade ago, IT infrastructure was contained to large data centers that were easily managed and could be monitored from a centralized location. Today, it’s dispersed throughout many different cloud-based systems and across organizations. And beyond technological changes, there’s been an industry-wide change in work norms.
“We hit the pandemic, and all of a sudden, all of these IT managers and infrastructure specialists who, at one point would have been in a local office, are now working from home,” McCullough said. “People in their homes, or maybe in a hotel, are now trying to gain access to critical pieces of infrastructure, and keep it up and running. That, in and of itself, creates a massive amount of issues from the cybersecurity perspective.”
This has prompted governments to make improving network visibility a key component of their cybersecurity posture—especially given the dramatic increase in the number of local governments targeted by cybercriminals in the last few years.
“If you can’t see it, you can’t manage it,” McCullough said. “That is probably at the heart of the issues we see today. Everything can probably point back to ‘if we knew about it earlier, we could have dealt with it earlier.’”
Creating visibility in network systems is a technical process, but it’s an important one—and not only because of its immediate cybersecurity implications. Automating the monitoring of ecosystems, and identifying and remedying discrepancies is an emerging—and very effective—application for artificial intelligence.
“A lot of these issues start as typical help desk issues, where back in the day someone might pick up a phone and call,” McCullough said. “When you have full observability across your environment … you can attach AI to that.”
It’s another example of local governments shifting from a reactive to a proactive cybersecurity approach.