July 9, 2020 — Metrics are a new frontier for automating certain cybersecurity measurements, according to Mariam Baksh, a staff correspondent at Nextgov.
In a Thursday Nextgov webinar, moderated by Baksh, panelists discussed the benefits of utilizing automation to gather data for more informed metrics, in order to ultimately solve pressing cybersecurity issues in both the federal and private sector.
“It’s important to remember when we say ‘metrics,’ we just mean measurements,” said Brandon Valeriano, senior advisor of the Cyberspace Solarium Commission.
Automation and metrics are currently being utilized by the Continuous Diagnostics and Mitigation Program, a leading effort to reduce cyber risk and provide asset visibility to the federal government.
By distributing automated tools to federal agencies, their ability to monitor and manage the threat of cyber vulnerabilities is strengthened.
The goal of CDM is to improve the federal governments respective security posture, said program manager Kevin Cox.
“Agencies are not aware of their attack surface,” Cox said, referring to all of the places an advisory is able to exploit a network.
When the CDM program was utilized, researchers “found that agencies have 75 percent more assets than they were manually reported,” Cox said.
The objectives of the program are to reduce agencies’ threat surface, increase visibility into the federal cybersecurity posture and improve federal cybersecurity response capabilities.
Valeriano, who Baksh mentioned had more experience in the private sector than his fellow panelists, spoke of utilizing metrics and automation to solve an alternative problem.
“We’re generally collecting data on security risks for no real purpose of analysis,” Valeriano said. “We only know about what we’re already looking for.”
Valeriano called for utilizing metrics to develop a better situational hyper-awareness, so eventually attacks could be predicted and mitigated.
Other panelists reported that they are not doing the type of work that Valeriano described, revealing a division in development between segments of the private and public sector.
“Automation is the way to go,” said Vijay D’Souza, director of the information technology and cybersecurity team at the Government Accountability Office. “The more tools you have to handle the vast amounts of data we’re dealing with the better.”
However, automation may not catch major threats, such as attackers going for harder to exploit targets, D’Souza said.
To solve this, a “marriage of artificial intelligence and human intelligence is ideal,” he said.
- Breakfast Media Minute: October 22, 2020
- Nokia 4G on the Moon, Localities and Drone Operations, Ajit Pai’s 6G Keynote Speech
- Broadband Breakfast Live Online on Wednesday, October 21, 2020 — Preparing for Success
- Breakfast Media Minute: October 21, 2020
- Federal Trade Commissioners Disagree About Role of Antitrust Lawsuits Against Big Tech
Signup for Broadband Breakfast
Fiber5 months ago
Fiber Networks Hold a Cybersecurity Advantage Over Rival Co-Axial and Wireless Technologies, Say Panelists
Congress5 months ago
Senators Introduce Healthcare Broadband Bill as House Companion, Proposes $2 Billion Telehealth Expansion
Artificial Intelligence4 months ago
Brookings Panelists Emphasize Importance of Addressing Biases in Artificial Intelligence Technology
Broadband Roundup1 month ago
Nathan Simington is Trump’s New Man for FCC, New Speed Test, Challenges for State Net Neutrality
China6 months ago
China Expert Predicts that Nation’s Flawed Coronavirus Response Will Damage the Power of Chinese Communist Party
Rural6 months ago
Why the Rural Digital Opportunity Fund is So Significant, and How to Succeed in Applying For RDOF
Artificial Intelligence4 months ago
U.S. State Department Employing Artificial Intelligence Against COVID-19 Misinformation
Broadband's Impact3 months ago
Broadband Breakfast Live Online Launches Weekly Series Featuring ‘Champions of Broadband’