The US Federal Government has recognized the importance of strengthening its cybersecurity, taking significant actions to protect our national security. Here, we highlight each of these actions and describe how HCL BigFix supports the government’s (and any organization’s) initiatives to strengthen the ability to prevent cyberattacks.
“United States remains the most highly targeted country with 46% of global cyberattacks being directed towards Americans.”
~ Top Cybersecurity Statistics, January 2023, CompTIA
On May 12, 2021, Executive Order (EO) 14028 – “Improving the Nation’s Cybersecurity” was issued, requiring agencies to enhance cybersecurity, making the prevention, detection, assessment, and remediation of cyber incidents is a top priority. Within 60 days of the EO, the head of each agency was required to develop a plan to implement a Zero Trust Architecture. Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources.”
Later that year, Cybersecurity and Infrastructure Security Agency (CISA) issued the Binding Operational Directive (BOD) 22-01,Reducing the Significant Risk of Known Exploited Vulnerabilities, to drive urgent and prioritized remediation of vulnerabilities that are being actively exploited by adversaries. The directive establishes a CISA-managed catalog of known exploited vulnerabilities (KEVs) and generally requires the remediation of Common Vulnerabilities and Exposures (CVEs) within two weeks; however, the timelines may be adjusted in the case of grave risk to the Federal Enterprise.
To advance BOD 22-01, Shalanda Young, Acting Director of the Office of Management and Budget, released a memorandum in January 2022 to the heads of executive departments and agencies setting forth a Federal Zero Trust Architecture (ZTA) strategy. It requires agencies “to meet specific cybersecurity standards and objectives by the end of fiscal year 2024 in order to reinforce the Government’s defenses against increasingly sophisticated and persistent threat campaigns.” The memorandum mandates that agencies implement zero trust across identifies, devices, networks, applications/workloads, and data.
Federal agencies are instructed to create reliable asset inventories, a foundational element of any cybersecurity initiative. CISA’s Continuous Diagnostics and Mitigation (CDM) Program provides a structured implementation of Information Security Continuous Monitoring (NIST 800-137.) In the first phase of the program, agencies must understand what’s on their network in terms of hardware and software assets. In a MITRE presentation about CDM, BigFix as an essential solution for the CDM program to:
- Provide a foundational asset inventory across their enterprise
- Enforce continuous compliance of FISMA controls using BigFix DISA STIG checklists
- Deploy patches to correct vulnerabilities
Transitioning to a zero trust architecture will not be a quick or easy task for any organization or enterprise, especially one as complex and technologically diverse as the Federal government. To that end, BigFix is aggressively working to support the Federal government’s cybersecurity initiatives and policies by delivering core capabilities that enable organizations to:
- Be compliant with BOD 22-01. The CISA KEV Analyzer, delivered with BigFix CyberFOCUS Analytics, helps you visualize all known threats that exist in their endpoint environment and enables agencies to prioritize remediation efforts based upon the magnitude of the exposure and the against the CISA-mandated remediation dates.
- Creating a foundational hardware and software asset inventory across their enterprise. BigFix Inventory provide valuable insight into what an organization own, and what it has installed but does not own, and how often the software is being used.
- Enforcing compliance across all endpoints using customizable checklists based upon CIS, PCI and DISA STIG. BigFix Compliance continuously enforces configuration compliance with thousands of out-of-the-box security checks aligned with industry-standard security benchmarks. It also delivers advanced vulnerability posture reporting for remediation prioritization.
- Deploying patches to correct vulnerabilities. BigFix provides an automated, simplified patching process, administered from a single console, with content for nearly 100 different operation system versions and variants.
Recently we published a zero trust whitepaper and webinar about zero trust. To learn more, visit https://www.hcltechsw.com/bigfix/zero-trust or contact us.