Federal government's approach to mitigating third-party dangers and insider risks in a drive for efficiency

Persisting Cybersecurity Challenges: The Importance and Rise of Third-Party Hacks and Internal Breaches in an Unstable Digital World

Navigating the pursuit of efficiency, this guide outlines strategies for federal authorities to mitigate risks from external entities and internal threats

In the digital age, the threat of cyberattacks looms large over federal agencies. One recent example is the cyberattack launched by Chinese state-sponsored hackers on the Treasury Department, which was carried out through a third-party cybersecurity service provider.

To address this heightened risk, federal agencies can adopt a multi-pronged, technology-driven, and coordinated approach. Here are seven key strategies:

  1. Employing Advanced Insider Threat Detection: By using diversified tools that incorporate machine learning and user behavior analytics (UBA), agencies can establish baselines of normal activity and prioritize alerts. This approach reduces false positives and improves risk detection across on-premises, cloud, and hybrid environments. Key capabilities include database firewalls, user rights management, data masking, encryption, data loss prevention, and database activity monitoring.
  2. Implementing Identity and Access Management Best Practices: Enforcing multi-factor authentication (MFA), applying the principle of least privilege, and monitoring privileged user activities can limit insider threat potential and third-party risk.
  3. Seeking Guidance from Federal Cybersecurity Bodies: Agencies should leverage resources and guidance from bodies like CISA and the National Insider Threat Task Force (NITTF). Using up-to-date public-domain mitigation guides and frameworks assists agencies in addressing insider threats while aligning with government mandates.
  4. Risk-Based Prioritization and Enhanced Monitoring: Agencies should adopt a risk-based approach to prioritization and monitoring, focusing on critical assets and third-party providers. Regular security assessments and continuous monitoring of supply chains, databases, and infrastructure components help mitigate vulnerabilities arising from contractors and external entities.
  5. Promoting Cross-Department and Cross-Agency Coordination: Enhanced collaboration helps consolidate resources amid budget limitations and aligns with government initiatives seeking efficiency without compromising cybersecurity.
  6. Championing Zero-Trust Architecture: Reducing trust assumptions inherent in legacy systems and improving control over user and device access organization-wide can minimise exposure to insider and third-party threats.
  7. Modernizing Acquisition Processes: Agencies should seek flexible contracting solutions, adopt security-focused procurement frameworks, and engage vendors offering rapid integration to keep pace with evolving threats.

Organisations should consult with legal and compliance professionals to ensure their cybersecurity strategies meet all applicable federal, state, and international requirements. It's also important to remember that unintentional insider threats can emerge from security policy violations by insiders and human error.

Addressing cyber risks is about helping agencies achieve their missions and build cyber resilience. In strategic planning, budget constraints and acquisition processes must keep up with the rapid pace of technological change. The federal government is currently dealing with new initiatives on efficiency and cybersecurity, and it is crucial that these initiatives are aligned with effective cybersecurity measures.

In conclusion, by combining advanced technology solutions, stringent identity/access governance, risk-based third-party oversight, federal guidance utilization, and inter-agency collaboration, all adapted to government budget realities and acquisition challenges, federal agencies can more effectively mitigate insider and third-party risks while supporting cybersecurity executive orders and efficiency initiatives.

The views expressed in this article are those of the author and do not necessarily reflect the official policy or position of Rubrik.

When strengthening cybersecurity within the federal workforce, it is important to account for budget cuts and a workforce reimagined for the digital age. Strategies like employing advanced insider threat detection, implementing identity and access management best practices, and modernizing acquisition processes can help federal agencies address cybersecurity threats and align with government initiatives on efficiency, while maintaining a workforce that is versed in technology and cybersecurity.