What are the cybersecurity implications for the U.S. government in the wake of the U.S. attack and Iranian counterstrike?
To find out, Billington CyberSecurity recently spoke with Ret. Brigadier General Greg Touhill, President of the AppGate Federal Group and the former U.S. CISO. The conflict in the Middle East between the United States and Iran has put potential cyber attacks against the United States and its interests on front pages around the world. General Touhill said the Iranians have a “small but potent cyber team” but added that if they strike the U.S. in cyberspace, they “do so at their peril” as U.S. capabilities are far superior. If they attempt a major strike at areas such as the financial, energy or transportation sectors, where they have demonstrated the intent and the ability, “all cards are on the table for the U.S.” as far as what a proportional response might look like, General Touhill added.
In this period of heightened cyber risk, General Touhill suggested six actions senior leadership in the Federal government should take to best manage cyber risk in the face of a potential attack:
- Convene the Federal CISO Council to ensure federal CISOs have current intelligence on the threat environment and keep the Council up-to-date as the environment evolves.
- CISOs should review with their agency leadership disaster response and business continuity plans to ensure they are up-to-date and adequate to provide mission assurance.
- Ensure the agency security operations centers are operating 24×7 to detect and respond to any attack.
- Identify to agency leadership your cyber strengths and weaknesses against the Cybersecurity Framework so that cyber risk can be effectively managed as part of the enterprise risk program.
- Ensure sector-specific agencies are actively sharing cyber and other risk management information in a timely manner with the ISACs, ISAOs and critical infrastructure providers.
- Be the exemplar of implementing the Cybersecurity Framework by executing best practices, such as operating with a zero-trust security strategy, properly patching and configuring systems and networks, implementing least privilege, segmenting networks, and requiring multi-factor authentication on all government systems.