Top 2021 Cybersecurity Trends Influencing U.S. Federal Agency Investments
With threats on the rise, the federal government is taking decisive action to address high-risk information security challenges. Agency CIOs are launching key initiatives and making significant investments in solutions designed to protect critical applications and infrastructure and address security vulnerabilities that put our nation’s interests at risk.
As cybersecurity technology, frameworks, and standards continue to evolve, you need to keep pace to strengthen your security posture and mitigate potential risk. The COVID-19 pandemic has only amplified the need to align cyber defenses with ever-changing requirements. Looking ahead to 2021, F5 sees four key trends that are driving cybersecurity investments in the U.S. Federal sector.
Trend #1: SOAR
Evaluating multi-vendor security controls in the context of both IT assets and the business
The cyber landscape is constantly changing, which means your agency needs to make application security more dynamic to stay ahead of threats. But when you use many security point solutions to address specific threats, you’re bound to encounter visibility gaps and data or application silos — causing potential vulnerabilities to fall through the cracks.
That’s why the SOAR (Security Orchestration, Automation, and Response) framework is gaining traction in government enterprises. A term coined by Gartner, SOAR encompasses threat and vulnerability management, security operations automation, and security incident response, enabling organizations to collect threat-related data from a range of sources and systems, and to respond to low-level threats without human intervention.
Robust security solutions are a core component of an effective SOAR strategy. Look for solutions that deliver the automated detection, mitigation, and analytics capabilities your agency needs to define, prioritize, and standardize security functions. Automated tools and services that leverage advanced AI and machine learning to detect fraudulent activity and illegitimate transactions in real time are especially helpful in preventing sophisticated attacks. Plus, solutions that deliver end-to-end visibility across your application portfolio enable you to check health status and security posture agency-wide.
The SOAR framework establishes integration to enable highly automated incident response workflows and to support an adaptive defense. Your next big step might be adaptive applications that grow, shrink, defend, and heal themselves based on the environment in which they’re being used. This requires a layer of analytics and automation that takes in the telemetry coming off your application services and passes configuration back down to them.
Machine learning and other AI techniques can enable the system to learn from historical or similar traffic patterns and provide insight into exactly what's happening as well as the best path forward for optimizing performance and security along the application data path.
Trend #2: Zero Trust
Rethinking the traditional network perimeter for enhanced security
While the concept of Zero Trust has been around for a decade, it has taken on new urgency as more federal employees work from home during the COVID-19 pandemic. As the mobile workforce expands and more applications are being deployed in multi-clouds, securing the traditional network perimeter is no longer sufficient, accelerating the move to Zero Trust. With bad guys constantly plotting new ways to gain access to target networks, “trust, but verify” is giving way to “trust nobody, protect everywhere.”
The challenge in Zero Trust security is how to prevent unauthorized access without creating user friction or increasing your IT burden. Choosing the right access management and authentication technology is crucial, especially as you expand in the cloud and support more remote workers.
F5 has strong Zero-Trust security solutions for the federal sector. A large U.S. federal agency recently utilized existing F5 BIG-IP platforms to enable Zero Trust — a seamless process since F5 devices are so widely deployed within their network. In fact, this agency has purchased more than 2,500 F5 devices in the past several years alone.
Trend #3: TIC 3.0
Embracing a more flexible approach to securing data and using the cloud
The Zero Trust “assume breach” shift is clearly embedded in TIC 3.0, which expands upon the Cybersecurity and Infrastructure Security Office’s original Trusted Internet Connections (TIC) initiative to provide flexible guidance for better securing a wide spectrum of agency network architectures. While TIC 2.0 isn’t going away, TIC 3.0 overlays a new set of network security standards that reflect a more distributed architecture, supporting widespread adoption of cloud computing and an increasingly remote workforce across the federal government.
Addressing demand for a less prescriptive approach, TIC 3.0 recognizes shifts in modern cybersecurity and advances in technology to guide agencies toward desired outcomes. As your agency prepares TIC 3.0 use cases, you can start moving away from current approaches, defining the best way to secure internet connections and speed up your digital transformation.
TIC 3.0 removes many former barriers to cloud adoption, freeing your agency to explore new deployment approaches. As your agency expands in the cloud, consider a fully managed services platform that enhances safe, reliable application delivery with dynamic security baked into every level to protect against multiple attack vectors. Cloud services make it easy to provision and configure the services your application needs, while providing the high availability, responsiveness, and automatic scaling today’s mission-critical systems demand. Look for cloud services with tools for real-time visibility and analytics, so you can track performance and usage for accountability and reporting purposes.
Trend #4: CDM
Better monitoring and managing of cyber threats agency-wide
Assessing and mitigating cybersecurity threats is an urgent priority, and the federal government is backing it up with technology investments. The Continuous Diagnostics and Mitigation (CDM) Program provides agencies with cybersecurity tools, integration services, and dashboards for monitoring and managing threats to improve their respective security postures. More than 50 agencies now report summary data about their networks to the CDM dashboard, but most are behind schedule in implementing CDM’s network security and data protection capabilities.
Meeting CDM mandates requires a holistic security approach for protecting critical assets from threats that originate both outside and inside your network environment. But this is easier said than done given that most traffic is now encrypted. Your agency needs a way to decrypt traffic so that security devices can properly inspect and log application layer data.
Dynamic service chaining and policy-based traffic steering empower your team to intelligently manage encrypted traffic flows across the entire security chain with optimal availability. You also need the ability to scale out logging solutions to provide log duplication and maximize retention. These capabilities extend visibility to expose and mitigate threats traversing the network.
In the current threat environment, the source of most attacks — DoS, data breaches, credential stuffing, brute force, resource hoarding, and others — is almost always automated. In some cases, traditional web application firewalls (WAF) are unable to cover the most sophisticated threats. As your agency works to address CDM requirements, consider advanced WAF solutions that employ countermeasures, such as DoS detection, proactive bot defense, and application-layer encryption of sensitive data, to improve the security posture of web applications.
Conclusion: Mapping investments to trends
Moving forward, strong cybersecurity will require vigilance, adaptability, and the right solutions to protect applications, data, and critical infrastructure. By aligning technology investments with key 2021 cybersecurity trends, your agency can reduce risk exposure and accelerate incident response — even as new threats emerge — so you can stay focused on your mission.
Dave Nyczepir, 2019 in Review: CDM Program Continues to Wait for Nod from Congress, FedScoop (December 31, 2020)