The new US administration’s approach to modernizing the nation’s cybersecurity defenses was laid out by Anne Neuberger, deputy assistant to the president and deputy national security advisor for cyber and emerging technology, National Security Council, during a keynote session on day two of the virtual RSA Conference 2021.
Neuberger began by describing the increasingly dangerous cyber-threat landscape, noting that President Joe Biden’s administration has already had to deal with two large-scale incidents during its first 100 days in office—the SolarWinds and Microsoft Exchange attacks.
“Governments and companies are under constant, sophisticated and malicious attack from nation-state adversaries and criminals,” she outlined, adding that “today, more than ever, cybersecurity is a national security imperative.”
In this environment, Neuberger stated, it is time to shift the mindset from incident response to prevention. “I’ve observed that as a community we’ve accepted that we’ll move from one incident response to the next,” she said. “While we must acknowledge that breaches will happen and prepare for them, we simply cannot let waiting for the next shoe to drop to be the status quo under which we operate.”
With this principle in mind, Neuberger set out three areas the current US federal government is focusing on to enhance the nation’s cybersecurity:
1. Modernize Cyber-defenses
Neuberger stated how the SolarWinds attacks demonstrated that “some of the most basic cybersecurity measures were not systemically rolled out across federal agencies.” These include multi-factor authentication, encryption and endpoint detection.
As well as mandating these basic security hygiene measures in government, Neuberger said the administration is also introducing ways of ensuring the software security it purchases from vendors is up to scratch. She explained that the products the government buys “often include defects and vulnerabilities.” This is being accepted by developers, either because they expect to be able to patch later or they decide to ignore them if they deem the defects to not be sufficiently serious, according to Neuberger.
“That’s not acceptable—it’s knowingly introducing unknown and potentially grave risks that adversaries and criminals then exploit,” she stated.
To tackle this issue, Neuberger revealed it is a priority of the government to ensure the software it buys is built securely from the start, “by potentially requiring federal vendors to build software in a secure development environment.” She added that this approach should have the knock-on effect of enhancing the software security brought by organizations outside of government, such as schools and small businesses.
Another vital step in this area is to gain visibility into what software is developed securely and what isn’t, as it is currently impossible for customers to make this assessment. Neuberger explained: “Today we place our trust in vendors but we largely do it blindly, because we don’t have a way to measure that trust.”
Today we place our trust in vendors but we largely do it blindly, because we don’t have a way to measure that trustAnne Neuberger
She additionally highlighted that the administration is currently working on a pilot program to protect the technology relied upon in critical national infrastructure. This initiative “will facilitate private-sector efforts to install new technologies that provide timely visibility, detection, response and blocking capabilities.” Neuberger noted this is “the first step in a series of efforts we’ll be working on to ensure we can trust the systems underpinning our critical infrastructure.”
2. Return to a More Active Role on Cyber Internationally
Neuberger also emphasized the need for the US to strengthen its global partnerships “to counter adversaries that leverage technology to undermine national and global security.” She highlighted a number of initiatives in this area, including the Quadrilateral Security Dialogue (QUAD), which aim to “counter cyber-threats and hold malicious actors accountable.”
She revealed that one of the administration’s first global cybersecurity initiatives will be a “cooperative effort to counter ransomware,” with this vector becoming increasingly prevalent. She noted: “This represents a national security threat for countries around the world because it can disrupt schools and hospitals and governments’ and companies’ abilities to deliver services. And because of the huge financial cost.”
Neuberger added that it is particularly concerning that ransomware actors are often able to strike by targeting known weaknesses, such as endpoint and software vulnerabilities.
Additionally, the increasing sophistication of ransomware groups, in terms of both their techniques, like the use of fileless malware, and their operational models, including the growth of double-extortion schemes, cannot be ignored. Neuberger commented: “International cooperation to address ransomware is critically important because transnational criminals are most often the perpetrators of these crimes and they often leverage global infrastructure and money laundering networks to do it.”
3. Prepare America’s Future Cybersecurity Posture
As well as focusing on securing today’s technology and infrastructure, Neuberger said another priority of the Biden administration is “to invest in and facilitate the innovation of tomorrow.” As such, the government’s American Jobs Plan has a proposal to invest $180bn in R&D emerging technologies. This covers areas like AI, quantum computing and micro-electronics.
This investment is vital for enhancing the US’s cyber-defenses, according to Neuberger. In particular, she highlighted the future importance of quantum computing in this regard. While this technology “promises to revolutionize certain unsolvable computing problems,” it will also “fundamentally disrupt cybersecurity and the technology platforms on which it’s built.”
This is because quantum computing offers malicious actors new vectors to compromise IT systems, with potentially “devastating” impacts on certain encryption methods, such as isometric encryption, which is “the foundation of our economic and national security communications.”
As such, the American Jobs Plan “reflects a commitment to accelerate US leadership in quantum computing and quantum information science more broadly,” which will help “protect the country from the adversarial use of these technologies.”
Neuberger concluded her talk by saying: “Bolstering the nation’s cybersecurity, safeguarding our critical infrastructure and renewing America’s advantages broadly are fundamental to the Biden administration’s commitment to our national security strategy.”