Agencies Must Prioritize Planning for a Cyberattack Before It Happens
Cybersecurity concerns often stem from global drivers – a hostile nation -state wants U.S. military intelligence, a competitor overseas is looking for trade secrets, a criminal group with ties to politics wants to sow chaos on the internet.
But eventually, security issues seem to become more personal. Ask either the East Coast residents sitting on gas lines with their tanks empty after a ransomware attack that affected fuel supplies, or the residents and tourists who were disrupted after being cut off malware is the ability of a ferry company to take reservations.
It also brings frequency home – hackers attacked meat processors, schools, water treatment plants and public transportation systems in the early months of this year. But this happens so often that citizens find it difficult to keep up.
Cybersecurity expert and former Federal CIO Theresa Payton said, “When the announcement came out that the stolen Facebook data was now available and searchable, and people just said,‘ Yes, OK, ’I was shocked I’m in the absence of response. “Everybody’s fallen in life, and it’s just another.”
Agencies may need help adapting to the higher speed of new, more targeted attacks, and as they change to keep up, additional third-party products may be in. their shopping lists.
Where can they turn? CISA, of course; the agency is the government’s Cybersecurity Quality Services Management Office, which provides shared services to help agencies standardize, upgrade and better integrate their cybersecurity capabilities.
But IT partners and third-party vendors are also important resources for cybersecurity assistance, because their reputations are on the line after an attack as agency victims.
These businesses have begun to focus more on solutions and consulting such as selling products, guiding federal customers to the best and most secure technology needed to address these problems in the cyber age. Those who understand the technology and the products should make sure they have a direct line to their federal customers, and be ready to help in the event of an emergency.
But there is also an increasing awareness that responding to threats is not enough, that being proactive is a better way to protect both technology and agency. No agency and no vendor wants to next create headlines because of a malicious attack, and no agency wants to see citizen services.
In these times when U.S. residents rely heavily on government assistance through emergency loans, stimulus checks and free vaccines, protecting the IT infrastructure that delivers those services is crucial. Asking for help before a riot occurs is critical.