This month, the Biden Administration unveiled the National Strategy Plan de implementare pentru Strategia națională de securitate cibernetică, which calls for transformative changes in managing the U.S. digital environment, prioritizing security and resilience across public and private sectors and balancing investments between future development and addressing immediate threats.
The plan represents a departure from the previous strategy criticized for lack of specificity in action. The Laboratorul de cercetare criminalistică digitală at the Atlantic Council noted that the current blueprint downscaled ambitious initial objectives, resulting in a simplified and potentially less effective approach. Of most concern is the need for a comprehensive digital identity solution. This is further complicated by the US government’s adoption of a zero-trust architecture strategy, which will undoubtedly alter cybersecurity measures for government contractors and other partnering organizations—particularly those outside on-premise infrastructure.
The strategy’s failure to include a strong digital identity solution is a significant setback, mainly since ZTA is limited to Domain Name System and Hypertext Transfer Protocol. Utilizing Software cu sursă deschisă a dezvolta AI-empowered authentication offers a promising long to term solution to ZTA for creative user authentication. By adopting this approach, the government can achieve robust digital identification, enhancing transparency, flexibility, and real-time threat detection for a more secure digital ecosystem.
Software open-source
The NCSIP delivers a more detailed approach and designates responsibilities for government stakeholders, encompassing sixty-five federal initiatives to safeguard American employment, combat cybercrime, and enhance domestic cybersecurity expertise, utilizing legislative support from the Legea de reducere a inflației și CHIPS & Science Act.
Moreover, the plan places increased cybersecurity standard compliance responsibility on the private sector, guided by the Office of the National Cyber Director. Notably, the NCSIP introduces a dedicated segment for regular policy reviews, ensuring an adaptive strategy that remains in sync with the ever-changing cybersecurity landscape, a long-awaited measure advocated by experts.
One essential aspect of the plan that deserves highlighting is the advocacy for Open-Source Software. OSS has been in use by the Department of Defense since 2009, Ofertă several advantages for government applications, including cost-effectiveness and encouraging open collaboration. OSS operates like an adaptable recipe, freely available for anyone to use, modify, improve, and share.
A key benefit is that it does not require licensing fees, potentially leading to lower maintenance and support costs, which align well with government budgets. Furthermore, OSS’s flexibility and customization capacity are critical for addressing specific governmental needs, especially in complex projects faced by the intelligence community and the DoD.
As the government increasingly integrates inteligență artificială platforms, leveraging OSS can lead to more efficient data processing and safeguarding of sensitive networks. For instance, institutions can significantly enhance Intrusion Detection Systems, Intrusion Prevention Systems, and proxies by utilizing network simulators or machine learning platforms derived from OSS and customized to meet specific government needs.
While OSS has significant advantages, it also has provocări potențiale. These can include hidden costs associated with training, support, and integration, the need for substantial resources and expertise to secure and review the code, potential fragmentation, and slower or less predictable development timelines. Organizations should consider the decision to use OSS on a case-by-case basis, taking into account their specific requirements and available resources.
By striking the right balance, OSS can develop resilient digital identity solutions and improve cyber defense measures.
Identitate digitală
Digital identity plays a critical role in cybersecurity. Most security breaches occur due to flaws in digital identity processes and tools. Custom-made identity processes and legacy digital identity software from the early 2000s often open avenues for malicious activities and are inefficient. Therefore, there needs to be a comprehensive digital identity solution.
The recent incident involving Chinese hackers penetrating US government email accounts, as reported by Microsoft, serves as a stark reminder of the critical importance of digital identity. Implementing an effective ZTA must extend beyond on-premise infrastructure and include robust digital identity solutions (e.g., digital signature, public-key encryption, and key-establishment algorithms) capable of resisting state-backed hackers and being available to users worldwide. Furthermore, it must be capable of protecting sensitive government information well into the foreseeable future, including after the advent of quantum computers.
Între 2019 și 2021, account takeover attacks surged by 307%, demonstrating the increasing sophistication of cybercrimes. These attacks not only damage public trust but also cause substantial financial harm. Cybercriminals are exploiting AI to bypass traditional authentication schemes using methods like credential stuffing and creating deep fakes. However, harnessing AI within the ZTA can provide valuable security benefits, like real-time threat detection, to ensure a proactive approach to authentication.
Moreover, this solution could leverage improving further digital security opportunities, such as decentralized networks and quantum key distribution. Digital identity is not only about security; it also enhances user experience and productivity while reducing time and costs. It’s a necessary tool for enabling secure and easy interaction in the digital world for both individuals and organizations.
A robust digital identity solution is not a luxury; it is a requisite to ensure operational security and prevent unauthorized access, especially in a complex and interconnected environment.
OSS and AI integration
zero trust maturity model operates on the principle of not implicitly trusting any network and revolves around dynamic risk-based authentication, continuously adjusting access controls based on real-time threat assessments. Adopting zero-trust security, as emphasized in Ordinul executiv 14028 al președintelui Biden, is an urgent necessity with the rise of remote work and increasing breaches. Zero trust minimizes the attack surface and prevents unauthorized lateral movement within networks but also hinders network access.
Building on OSS with AI can achieve the robust digital solutions needed within the Zero Trust model to defend against hacking attempts while allowing broader user access. OSS provides transparency and flexibility to the cybersecurity ecosystem, with publicly accessible source code enabling continuous peer review and rapid vulnerability identification. This transparency and flexibility complement AI integration, which enhances real-time IDS, IPS, and adaptive response capabilities. By processing vast data, AI algorithms identify anomalies and potential cyber threats which compromise device and network integrity.
Leveraging AI-driven risk analysis, contextual factors like user location, device health, and behavior patterns dynamically modify access privileges. For example, accessing sensitive data from an unusual location may prompt the system to require additional authentication methods. The convergence of OSS and AI facilitates continuous learning from past incidents, current trends, and emerging attack vectors, empowering the system to maintain a proactive and agile defense strategy. Real-time analysis of cyber trends and emerging threats ensures organizations can swiftly adapt to evolving techniques, bolstering their cybersecurity resilience.
Embracing ZTA is a necessity for protecting sensitive data, critical infrastructure, and national interests. The transparency and flexibility of OSS form a strong foundation for security, while AI-driven capabilities empower the system to detect and respond to cyber threats in real time. By prioritizing digital identity solutions and leveraging the full potential of AI and OSS, a secure and resilient digital ecosystem will further strengthen cyber security.
Maj. Nicholas Dockery is a research fellow for the Modern Warfare Institute. He is also a Downing Scholar, an active duty special forces officer, and a contributor to the Irregular Warfare Initiative. The views expressed are those of the author(s) and do not reflect the official position of the United States Military Academy, Department of the Army, or Department of Defense.
- Distribuție de conținut bazat pe SEO și PR. Amplifică-te astăzi.
- PlatoData.Network Vertical Generative Ai. Împuterniciți-vă. Accesați Aici.
- PlatoAiStream. Web3 Intelligence. Cunoștințe amplificate. Accesați Aici.
- PlatoESG. Automobile/VE-uri, carbon, CleanTech, Energie, Mediu inconjurator, Solar, Managementul deșeurilor. Accesați Aici.
- BlockOffsets. Modernizarea proprietății de compensare a mediului. Accesați Aici.
- Sursa: https://www.defensenews.com/c2-comms/2023/07/31/a-win-a-miss-and-a-path-to-stronger-digital-authentication/
- :are
- :este
- :nu
- 2019
- 2021
- 70
- a
- Despre Noi
- Academie
- acces
- accesibil
- accesarea
- Cont
- Obține
- peste
- Acțiune
- activ
- activităţi de
- adapta
- Suplimentar
- adresare
- administrare
- Adoptarea
- Adoptare
- Avantajele
- venire
- susţinere
- După
- împotriva
- agil
- AI
- Integrare AI
- algoritmi
- alinia
- Permiterea
- de asemenea
- ambițios
- american
- an
- analiză
- și
- Orice
- oricine
- abordare
- arhitectură
- SUNT
- Armată
- în jurul
- AS
- aspect
- evaluări
- asociate
- At
- ataca
- Atacuri
- Încercările
- Autentificare
- disponibil
- Sold
- de echilibrare
- bazat
- bază
- BE
- fost
- fiind
- beneficia
- Beneficiile
- între
- Dincolo de
- biden
- Administrația Biden
- atât
- încălcări
- mai larg
- Bugete
- dar
- by
- apeluri
- CAN
- capacități
- capabil
- Capacitate
- Provoca
- Modificări
- CISA
- cod
- colaborare
- combaterea
- comunitate
- Completa
- complex
- conformitate
- complicat
- cuprinzător
- compromis
- Calculatoare
- Îngrijorare
- Lua în considerare
- contextual
- continuu
- continuu
- antreprenori
- contribuabil
- controale
- Convergenţă
- Cheltuieli
- ar putea
- Consiliu
- Crearea
- Creator
- CREDENTIALĂ
- umplutură credențială
- critic
- Infrastructura critică
- Curent
- personalizare
- personalizate
- Cyber
- securitate cibernetică
- criminalităţii cibernetice
- cybercriminals
- Securitate cibernetică
- prejudiciu
- de date
- de prelucrare a datelor
- descentralizată
- rețele descentralizate
- decizie
- dedicat
- adânc
- Falsurile adânci
- Apărare
- Oferă
- Deloitte
- demonstrând
- Departament
- Departamentul Apararii
- Derivat
- merită
- detaliat
- Detectare
- dezvolta
- Dezvoltare
- dispozitiv
- digital
- ecosistem digital
- identitate digitală
- lume digitală
- Director
- distribuire
- do
- DoD
- face
- domeniu
- Domain Name
- Intern
- Downing
- două
- dinamic
- dinamic
- e
- Devreme
- uşor
- ecosistem
- Eficace
- eficient
- șmirghel
- accentuat
- ocuparea forţei de muncă
- împuternici
- împuternicirea
- permițând
- care să cuprindă
- Fii încurajator.
- criptare
- spori
- Îmbunătăţeşte
- consolidarea
- asigura
- asigură
- asigurare
- Mediu inconjurator
- mai ales
- esenţial
- Eter (ETH)
- mereu în schimbare
- evoluție
- exemplu
- executiv
- ordin executiv
- experienţă
- expertiză
- experți
- și-a exprimat
- extinde
- cu care se confruntă
- facilitează
- factori
- Eșec
- federal
- Taxe
- membru
- financiar
- defecte
- Flexibilitate
- Pentru
- Forțele
- juridic
- previzibil
- formă
- Fundație
- fragmentarea
- din
- Complet
- mai mult
- În plus
- viitor
- Guvern
- guvernamental
- hackeri
- hacking
- rău
- Cablaje
- he
- Sănătate
- Ascuns
- subliniind
- împiedică
- Totuși
- HTML
- http
- HTTPS
- Identificare
- identifica
- Identitate
- SOLUȚII DE IDENTITATE
- ID-uri
- imagini
- imediat
- Punere în aplicare a
- importanță
- îmbunătăţi
- îmbunătățirea
- in
- incident
- include
- Inclusiv
- a crescut
- crescând
- tot mai mult
- persoane fizice
- ineficace
- informații
- Infrastructură
- inițială
- Inițiativă
- inițiative
- instanță
- Institut
- instituții
- integreaza
- integrare
- integritate
- Inteligență
- interacţiune
- interconectate
- interese
- în
- Prezintă
- detectarea intruziunilor
- Investiții
- implicând
- IT
- jpg
- Cheie
- lipsă
- peisaj
- conduce
- conducere
- învăţare
- Moştenire
- Legislativ
- mai puțin
- Pârghie
- efectului de pârghie
- de licențiere
- ca
- Limitat
- locaţie
- Lung
- mult-așteptata
- LOWER
- maşină
- masina de învățare
- mai ales
- menține
- întreținere
- de conducere
- scadență
- Mai..
- McKinsey
- măsura
- măsuri
- Întâlni
- Metode
- Microsoft
- Militar
- model
- Modern
- Modern Warfare
- modifica
- Lună
- mai mult
- mai eficient
- cele mai multe
- mişcare
- MSN
- trebuie sa
- nume
- Nasdaq
- național
- necesar
- Nevoie
- necesar
- nevoilor
- reţea
- Acces la retea
- rețele
- nist
- în special
- notat
- Obiectivele
- avea loc
- of
- oferind
- promoții
- Birou
- Ofiţer
- oficial
- de multe ori
- on
- afară
- deschide
- open-source
- Software open-source
- opereaza
- operațional
- Oportunităţi
- or
- comandă
- organizații
- Ne
- Altele
- exterior
- partenerială
- trecut
- cale
- modele
- egal
- Locuri
- plan
- Platforme
- Plato
- Informații despre date Platon
- PlatoData
- joacă
- Politica
- poziţie
- potenţial
- potenţial
- predictibil
- împiedica
- Prevenirea
- previne
- precedent
- principiu
- Stabilirea priorităților
- privat
- sectorul privat
- privilegii
- Proactivă
- procese
- prelucrare
- productivitate
- Proiecte
- promițător
- protectoare
- protocol
- furniza
- furnizează
- public
- încrederea publică
- public
- Cuantic
- calculatoare cuantice
- rapid
- real
- în timp real
- recent
- reţetă
- reducerea
- reducere
- reflecta
- regulat
- rămășițe
- la distanta
- munca la distanță
- Raportat
- reprezintă
- necesita
- Cerinţe
- necesar
- cercetare
- elasticitate
- elastic
- Resurse
- Răspunde
- răspuns
- responsabilităţi
- responsabilitate
- rezultând
- revizuiască
- Recenzii
- se învârte
- dreapta
- Ridica
- Risc
- robust
- Rol
- s
- salvgardare
- scheme
- Savant
- Ştiinţă
- sector
- sectoare
- sigur
- securitate
- beneficii de securitate
- breșe de securitate
- segment
- sensibil
- servește
- Distribuie
- să
- semnificativ
- semnificativ
- simplificată
- întrucât
- Software
- soluţie
- soluţii
- rafinament
- Sursă
- cod sursă
- special
- specific
- specificitate
- părțile interesate
- standard
- puternic
- Statele
- Strategie
- A intari
- puternic
- puternic
- umplutură
- substanțial
- astfel de
- a sustine
- Suprafață
- a crescut
- rapid
- sistem
- sisteme
- preluare
- luare
- tehnici de
- durată
- acea
- lor
- Acolo.
- prin urmare
- Acestea
- acest
- aceste
- amenințare
- detectarea amenințărilor
- amenințări
- timp
- cronologii
- la
- instrument
- Unelte
- tradiţional
- Pregătire
- transfer
- transformativă
- Transparență
- Tendinţe
- Încredere
- încredere
- ne
- fara indoiala
- Unit
- Statele Unite
- Ciudat
- dezvaluit
- urgent
- us
- guvernul SUA
- utilizare
- Utilizator
- Experiența de utilizare
- utilizatorii
- folosind
- Utilizand
- Valoros
- Fixă
- vizualizari
- vulnerabilitate
- BINE
- care
- în timp ce
- voi
- câştiga
- cu
- în
- Apartamente
- lume
- la nivel internațional.
- zephyrnet
- zero
- încredere zero