Given that the U.S. Technology Modernization Fund is spending $1 billion to upgrade technology systems, including cybersecurity projects, it is useful to pause and seek expert opinions on how this money is being spent and whether the identified projects are worthwhile.
The scope of the fund is to provide U.S. agencies additional ways to deliver services to the public more quickly, better secure sensitive systems and data, and to use taxpayer dollars “more efficiently”.
With cybersecurity, this is something that impacts on everyone. The U.S. Department of Homeland Security sums this up as meaning “daily life, economic vitality, and national security”, each being impacted by the success or failures around cybersecurity.
Digital Journal asked Michael Rezek (VP of Cybersecurity Strategy at Accedian) and Sarosh Shahbuddin (Director of Product at voice biometric company Pindrop) to identify the most important technologies to invest in to effectively combat increasingly sophisticated nation-state hacks.
To begin with, and with a focus on network security, Michael Rezek explains why networks need to be protected as technology expands. He states: “The move to the cloud, and the distribution of IT assets across multiple clouds, is driving a massive demand in private connectivity.”
The bigger a system becomes, the more vulnerable it may also become, explains Rezek: “The more applications are network dependent, the greater the attack surface and number of attack vectors there are to the critical data these applications move across IT environments.”
The pace of change can also create obstacles, Rezek notes: “The speed at which this is taking place very often creates a “function over diagnostic” and “function over security” mentality to simply get infrastructure deployed, provisioned and operational.”
Not all is covered by the darker clouds, there are solutions at hand, Rezek adds: “More than ever, the need for a layered security model that includes not just traditional endpoint and perimeter defenses, but network-based security Is required. The network is the one place where an attacker cannot hide. He can bounce around, and probe and perform reconnaissance, and endpoints may not ever see the assailant laterally moving. Also, with IoT exploding, very often it’s not feasible to deploy endpoint protection on devices.”
Rezek concludes saying that the network tells all and the funds that are being allocated by the US Technology Modernization Fund should absolutely support network-based security.
Looking at things from the securing voice-enabled devices and services perspective, Sarosh explains: “For the government to improve how it responds to pandemics, deploying fraud detection and authentication technologies for automated systems will be key.”
Date supports this, the analyst finds: “In the early stages of the pandemic overall call volume to the contact center climbed 300 percent in just days. By the later stages we were seeing enterprise contact center call volumes jump over 800 percent from normal levels. Unsurprisingly, the volume of calls to call centers jumped as physical locations closed. As COVID cases peaked in late March and beginning of April, there was also a simultaneous spike in unemployment (as teams began to change operations, agent call capacity dropped by 20 percent).”
This state of affairs has consequences, in that: “More calls, less people to handle calls, means a lot of unhappy citizens.”
As to the technology required, Sarosh says: “By deflecting calls to automated systems and being able to apply fraud detection and authentication could have helped the government transition better.”
