Agencies Look to Protect Data by Leveraging Resources

Cybersecurity and Infrastructure Security Agency (CISA) leaders are employing robust security strategies and collaborating with other agencies to protect their data as threat actors continue to target government facilities.

Using tools to prioritize risk management can lead to security improvements, said Mona Harrington, assistant director of CISA’s National Risk Management Center (NRMC) at Nextgov/FCW’s Strengthening Government Resilience Against Ransomware webcast on Tuesday.

“Strategic resource allocation is so crucial to protect our national assets,” she said. “For example, we develop the National Critical Functions (NCF) framework, which identifies and analyzes risks across sectors based on 55 national critical functions using an asset-based list that assists us with looking at these risks and how the impacts cascade across.”

Investment in new software tools

CISA safeguards critical networks with programs such as the Protective Domain Name System Resolver, an AWS-hosted service that blocks over 3 billion Domain Name System (DNS) queries a day. The NRMC provides critical analytical support to CISA by investing in resources like support and software tools, which are used to understand infrastructure interdependencies, said Harrington.

“We use decision support tools, such as risk registers, to identify, assess and prioritize those significant risks to critical infrastructure, applying enterprise risk management, the best practice to really provide that comprehensive view of cross-sector risk exposure,” she said. “We also have a number of software tools with powerful capabilities that allow our analysts to visualize and analyze linkages and dependencies between functions, sectors, and entities.”

Implementing a zero-trust approach can allow agencies to create a “consistent security framework and a uniform user experience” to protect from ransomware attacks, said Harrington.

“Zero trust, at its core, is about eliminating implied trust and increasing authentication,” she said. “Whether a user is in the office, connecting to an open wireless network, or working from home, their security protocols would remain the same. That consistent application of security measures really helps to combat ransomware and other digital attacks effectively by reducing the vulnerabilities and maintaining strict access controls.”

Agencies need to collaborate

The NRMC cannot achieve its goals without support, Harrington said.

“Our analysis is very important, but without collaboration across CISA, government and industry partners, the NRMC really can’t achieve its mission,” said Harrington in a CyberCast interview earlier this year. 

Through critical partnerships and the use of tools, agencies can identify and reduce significant risks, helping keep critical infrastructure secure.

“Given that ransomware can target any critical infrastructure system, from energy grids to health care facilities, our prioritization efforts and tools combined with close coordination with our critical infrastructure partners are absolutely vital because that collaboration really helps us identify, assess, and prioritize risks, enabling CISA and other federal partners to manage their unique sector-specific risks effectively,” she said.