Defending Federal Data: The Future of Cybersecurity in Government

December 18, 2024

Sponsored by Presidio Federal & IBM

FOCAL: A Unified Plan to Strengthen Federal Cybersecurity

Shelly Hartsook, Deputy Associate Director of Capacity Building at CISA, provides an in-depth overview of the Federal Civilian Executive Branch Operational Cybersecurity Alignment Plan (FOCAL). She explains how FOCAL addresses systemic issues uncovered during significant incidents like the SolarWinds cyberattack, emphasizing the need for federal agencies to work together as a unified enterprise. Shelly outlines the plan’s five priority areas: asset management, vulnerability management, defensible architecture, supply chain risk management, and incident response. She discusses how these focus areas were identified based on trends and challenges observed in previous attacks and highlights specific goals, such as improving visibility into assets, proactively managing vulnerabilities, and advancing incident response capabilities. Shelly also underscores the collaborative nature of FOCAL, emphasizing that it is not a simple checklist for agencies but a shared plan in which CISA works alongside agencies to drive progress and achieve meaningful improvements in federal cybersecurity.

Key Takeaways:

1. The FOCAL plan addresses systemic challenges across federal agencies, unifying their efforts to manage vulnerabilities, improve asset visibility, and strengthen response to evolving cyber threats.
   
   
2. CISA has identified five critical areas—asset management, vulnerability management, defensible architecture, supply chain risk management, and incident response—as the foundation for improving federal cybersecurity resilience.
   
   
3. FOCAL emphasizes a partnership between CISA and agencies, offering resources, guidance, and shared responsibilities to drive measurable progress across the federal enterprise.

AI and Cybersecurity: Dual Threats and Opportunities

Jeff Crume, Cybersecurity Architect and Distinguished Engineer at IBM, dives into the rapidly evolving relationship between artificial intelligence (AI) and cybersecurity. He explores the dual role of AI, both as a powerful tool for improving defenses and as a new attack vector for malicious actors. Jeff discusses how AI can be leveraged to enhance threat detection, automate responses, and improve cybersecurity outcomes, while also cautioning against risks like shadow AI, where unauthorized AI tools and systems can create vulnerabilities. He highlights the importance of securing AI tools, ensuring ethical use, and preparing for future challenges posed by quantum computing, which could compromise traditional encryption. Jeff advises federal leaders to take proactive steps, such as cataloging sensitive data, developing a "crypto bill of materials," and transitioning to quantum-safe encryption, to protect against future threats. He also encourages agencies to explore how generative AI can support cybersecurity efforts while maintaining robust safeguards.

Key Takeaways:

1. Artificial intelligence can enhance cybersecurity defenses but also creates new vulnerabilities, such as risks from shadow AI and automated attack tools.
   
   
2. Agencies must prepare for future threats posed by quantum computing by transitioning to quantum-safe encryption and cataloging sensitive data to mitigate risks.
   
   
3. Leaders should prioritize data discovery, implement strong cryptography practices, and leverage AI tools ethically and securely to strengthen cyber defenses today while preparing for future challenges.
   
   

Proactive Cybersecurity at the Census Bureau

Glen Williamson, Cybersecurity Engineering Branch Chief for Cyber Resilience at the Census Bureau, shares how his team is addressing emerging cybersecurity challenges while maintaining a strong defense against traditional threats. Glen emphasizes the importance of educating users about phishing attempts and monitoring their responses to reduce the risk of successful attacks. He highlights the agency’s ongoing transition from on-premises infrastructure to cloud-based solutions, stressing the value of leveraging FedRAMP-authorized systems to streamline security and compliance efforts. Glen also discusses the need to build a workforce with expertise in cloud technologies and AI to adapt to the ever-changing cyber threat landscape. By embedding security into systems from the start and fostering collaboration across teams, Glen and his team are working to ensure the Census Bureau remains resilient against evolving threats and well-prepared for the future of cybersecurity.

Key Takeaways:

1. The Census Bureau has seen success in reducing phishing risks by educating users and tracking their responses, highlighting the importance of continuous awareness campaigns.
   
   
2. Leveraging FedRAMP-authorized solutions streamlines compliance and security processes, making the move to cloud-based infrastructure more efficient and secure.
   
   
3. Strengthening the agency’s cybersecurity capabilities requires a focus on hiring and training personnel with expertise in cloud technologies and AI to address emerging threats effectively.