Cyber is a team sport–here's how the public and private sectors can play together

Over the past year, we've seen the government take instrumental strides to improve the nation's cybersecurity and combat the rise in cyberattacks targeted at the public sector. From the Cybersecurity Executive Order to the Zero Trust mandate, the Biden Administration has demonstrated that it's making cybersecurity more of a priority than ever before, pushing agencies to improve their efforts and commitments to establish a strong security posture. However, despite this progress, only 33% of federal agencies forecast an uptick in their cybersecurity investment over the next 1-2 years.

With all the recent momentum in federal cybersecurity mandates, this number is puzzling – so let's take a closer look.

Federal cybersecurity has been getting a bad rap for years. In fact, last year a Senate Homeland Security and Goverment Affairs Committee report gave eighteen federal agencies grades of Ds and Cs on their cybersecurity posture. But what may be most alarming is the recent Federal IT Acquisition Reform Act (FITARA) 14 scorecard which shows a downward trend for several agencies regarding cyber efforts. For outsiders looking in, it almost looks like the government isn't trying to improve its security posture; however, the reality is that cybersecurity is constantly evolving and it's often difficult for leaders to keep up with an evolving cyber threat landscape. 

Case in point, 64% of security leaders say keeping up with security requirements has gotten harder in recent years, which is up from 49% in 2021. With all the improvements in technology, why is it so challenging for them to increase their cybersecurity readiness faster? 

Answer? Federal agencies currently lack the funds or resources necessary to meet many of these requirements, and don't know the actionable next steps they need to take to meet new mandates. For instance, many agencies viewed portions of last year's Cybersecurity Executive Order as unfunded mandates. The administration even acknowledges the difficulty in funding these requirements due to multi-year budget cycles. For example, in the OMB Zero Trust Strategy, OMB tells agencies they should leverage FY24 budgets to fund their zero trust requirements. With upwards of 80% of agency IT budgets annually geared towards legacy software, it can be difficult to make the technological leap needed without more resources. Moreover, our two-year budget cycle can be too slow to keep up with technology within an ever-evolving threat landscape. Congress has tried to address this with the Technology Modernization Fund, but the fund, and how it's administered, has yet to reach its full potential.

Cybersecurity is a never ending battle, with many experts agreeing that it will only get harder. That's why it's not only up to regulators but the industry as a whole to ensure that our federal agencies have the correct defenses in place by continuing to innovate. This starts with rethinking federal cybersecurity measures. 

Reimagining security regulations

As we've seen, the simple act of passing new requirements isn't an effective strategy for improving cybersecurity. Instead, policymakers need to make sure these agencies have clear, actionable guidance to meet new cybersecurity requirements. Finally, policymakers need to also ensure that agencies have the ability to access the technology quickly and in a sustainable manner through updates to acquisition policies, streamlining of compliance requirements, and investments in modernization funds.

In the meantime, given that changing legislation isn't something that can be done overnight, federal agencies can lean on their private sector partners to help meet upcoming requirements. Oftentime these partners are already aware of supplemental resources – such as the Technology Modernization Fund – that offers agencies the short-term funding or steps they need to meet new requirements. Technology partners can also help assess current technology stacks and share recommendations on how agencies can effectively improve their security posture. By working towards achievable and measurable goals – such as implementing multi-factor authentication or modernizing event  logging – agencies can take the steps required to meet the Cybersecurity Executive Order and other cyber initiatives. 

Public and private sector collaboration will be vital for long-term success

As we continue to enhance our nation's security posture, it is imperative that we take a whole-of-nation approach to defend against the most significant threats to the nation, including threats to our critical infrastructure. As an early member of CISA's Joint Cyber Defense Collaborative (JCDC), Splunk has seen first-hand the power of combining industry and government efforts on planning, threat analysis, and defensive operations to combat cyber threats. These days, the cyber threat landscape is simply too vast, and evolving too quickly, for anyone to go it alone. Cybersecurity is the ultimate team sport. Only through strong, consistent public-private collaboration can we hope to stay ahead of the threat.