Security has always been of paramount concern for government agency leaders. The focus has shifted from keeping the “bad guys” out to realizing that no system is safe from being breached. Now the focus is on quick recovery and protection of data. In order to help you protect your agency, GovWhitePapers has assembled a portfolio of government security white papers, eBooks, case studies and infographics.
Trust no one. No, really, no one.
Zero Trust has emerged as a pathway to the elusive goal of secure systems. Under this approach, users connecting to the network have to prove valid authorization before being allowed access. Once in, their access to data is controlled via their role with the organization. For example, someone not in HR would not have access to systems or documents containing salary information. This access extends beyond just the user to the device they are using. The device being used to access systems must also pass authorization guideposts.
Securing all the “things”
Addressing both users and devices is critical as the use of the Internet of Things (IoT) increases and more and more “things” are tied to networks. Take for example, the recent hack of a water treatment plant in Florida. A hacker gained entry to the computer system and was able to change settings that could have increased the level of lye in the water system, poisoning the water supply.
Beyond what we think of as IoT, other “things” can greatly impact the security of IT systems. Asset management and monitoring supply chains are becoming more critical to ensure that organizations know where all of their IT system pieces are and where they came from. This allows them to mitigate any potential threats from foreign entities looking to install harmful software on government systems. This visibility extends beyond government entities and into the private sector companies that serve government with CMMC requirements now being implemented as part of contracts.
Coordinated Public/Private Response is Critical
Private and public coordination is critical for averting future incidents, and sharing insight via whitepapers and events is a powerful tool in preventing and responding to future threats. Here’s a head start in learning more about the latest security threats and remediation tactics with these resources:
- Cybersecurity Lessons from the Pandemic – Authored by legislators, this paper collects observations from the pandemic as they relate to the security of cyberspace, in terms of both the cybersecurity challenges it creates and what it can teach the United States about how to prepare for a major cyber disruption.
- America’s Critical Infrastructure in the Crosshairs: Understanding the Cyber Threat Landscape – While critical infrastructure faces vulnerabilities that expand far beyond the cyber sphere, including technical failure and natural disaster, in recent years cyber threats have grown from “potential” and “future” problems to imminent concerns. This paper addresses the cyber state-of-play for U.S. critical infrastructure sectors and how organizations can protect themselves against growing threats.
- Cybersecurity Incentives Policy White Paper – This paper looks at the cybersecurity challenges on the Bulk Electric System(BES) and existing CIP Reliability Standards. It discusses the importance of infrastructure security, including efforts to incentivize energy infrastructure security to date, and why there is a need to adopt a new approach to incentivize cybersecurity investments. An incentives framework for cybersecurity investment is also presented.
- Anatomy of Mobile Attacks – This paper lays out the scope of mobility and the wide variety of threats and attack vectors that result from mobile access. It looks at what must be done beyond baseline standards and solutions to achieve needed levels of security.
- The Tech Trojan Horse: China’s Strategic Export of the Surveillance State – China aspires to be tomorrow’s digital hegemon via the strategic export of its surveillance state to developing and autocratic countries. This paper looks at how to combat growing Chinese influence in the developing world, and how the U.S. private sector is developing technological solutions to undermine digital authoritarianism and remove the dependency on China.
These are just a small sample of the cybersecurity resources on GovWhitePapers.com. You can browse government white papers, case studies, eBooks (and more!) on cybersecurity through our search engine here: