This month, the Biden Administration unveiled the National Strategy Načrt izvajanja za Nacionalna strategija kibernetske varnosti, which calls for transformative changes in managing the U.S. digital environment, prioritizing security and resilience across public and private sectors and balancing investments between future development and addressing immediate threats.
The plan represents a departure from the previous strategy criticized for lack of specificity in action. The Laboratorij za digitalne forenzične raziskave at the Atlantic Council noted that the current blueprint downscaled ambitious initial objectives, resulting in a simplified and potentially less effective approach. Of most concern is the need for a comprehensive digital identity solution. This is further complicated by the US government’s adoption of a zero-trust architecture strategy, which will undoubtedly alter cybersecurity measures for government contractors and other partnering organizations—particularly those outside on-premise infrastructure.
The strategy’s failure to include a strong digital identity solution is a significant setback, mainly since ZTA is limited to Domain Name System and Hypertext Transfer Protocol. Utilizing Odprtokodna programska oprema razviti AI-empowered authentication offers a promising long to term solution to ZTA for creative user authentication. By adopting this approach, the government can achieve robust digital identification, enhancing transparency, flexibility, and real-time threat detection for a more secure digital ecosystem.
Odprta programska oprema
The NCSIP delivers a more detailed approach and designates responsibilities for government stakeholders, encompassing sixty-five federal initiatives to safeguard American employment, combat cybercrime, and enhance domestic cybersecurity expertise, utilizing legislative support from the Zakon o zniževanju inflacije in CHIPS & Science Act.
Moreover, the plan places increased cybersecurity standard compliance responsibility on the private sector, guided by the Office of the National Cyber Director. Notably, the NCSIP introduces a dedicated segment for regular policy reviews, ensuring an adaptive strategy that remains in sync with the ever-changing cybersecurity landscape, a long-awaited measure advocated by experts.
One essential aspect of the plan that deserves highlighting is the advocacy for Open-Source Software. OSS has been in use by the Department of Defense since 2009, ponudba several advantages for government applications, including cost-effectiveness and encouraging open collaboration. OSS operates like an adaptable recipe, freely available for anyone to use, modify, improve, and share.
A key benefit is that it does not require licensing fees, potentially leading to lower maintenance and support costs, which align well with government budgets. Furthermore, OSS’s flexibility and customization capacity are critical for addressing specific governmental needs, especially in complex projects faced by the intelligence community and the DoD.
As the government increasingly integrates Umetna inteligenca platforms, leveraging OSS can lead to more efficient data processing and safeguarding of sensitive networks. For instance, institutions can significantly enhance Intrusion Detection Systems, Intrusion Prevention Systems, and proxies by utilizing network simulators or machine learning platforms derived from OSS and customized to meet specific government needs.
While OSS has significant advantages, it also has morebitne izzive. These can include hidden costs associated with training, support, and integration, the need for substantial resources and expertise to secure and review the code, potential fragmentation, and slower or less predictable development timelines. Organizations should consider the decision to use OSS on a case-by-case basis, taking into account their specific requirements and available resources.
By striking the right balance, OSS can develop resilient digital identity solutions and improve cyber defense measures.
Digitalna identiteta
Digital identity plays a critical role in cybersecurity. Most security breaches occur due to flaws in digital identity processes and tools. Custom-made identity processes and legacy digital identity software from the early 2000s often open avenues for malicious activities and are inefficient. Therefore, there needs to be a comprehensive digital identity solution.
The recent incident involving Chinese hackers penetrating US government email accounts, as reported by Microsoft, serves as a stark reminder of the critical importance of digital identity. Implementing an effective ZTA must extend beyond on-premise infrastructure and include robust digital identity solutions (e.g., digital signature, public-key encryption, and key-establishment algorithms) capable of resisting state-backed hackers and being available to users worldwide. Furthermore, it must be capable of protecting sensitive government information well into the foreseeable future, including after the advent of quantum computers.
Med 2019 in 2021, account takeover attacks surged by 307%, demonstrating the increasing sophistication of cybercrimes. These attacks not only damage public trust but also cause substantial financial harm. Cybercriminals are exploiting AI to bypass traditional authentication schemes using methods like credential stuffing and creating deep fakes. However, harnessing AI within the ZTA can provide valuable security benefits, like real-time threat detection, to ensure a proactive approach to authentication.
Moreover, this solution could leverage improving further digital security opportunities, such as decentralized networks and quantum key distribution. Digital identity is not only about security; it also enhances user experience and productivity while reducing time and costs. It’s a necessary tool for enabling secure and easy interaction in the digital world for both individuals and organizations.
A robust digital identity solution is not a luxury; it is a requisite to ensure operational security and prevent unauthorized access, especially in a complex and interconnected environment.
OSS and AI integration
O zero trust maturity model operates on the principle of not implicitly trusting any network and revolves around dynamic risk-based authentication, continuously adjusting access controls based on real-time threat assessments. Adopting zero-trust security, as emphasized in Izvršni ukaz 14028 predsednika Bidna, is an urgent necessity with the rise of remote work and increasing breaches. Zero trust minimizes the attack surface and prevents unauthorized lateral movement within networks but also hinders network access.
Building on OSS with AI can achieve the robust digital solutions needed within the Zero Trust model to defend against hacking attempts while allowing broader user access. OSS provides transparency and flexibility to the cybersecurity ecosystem, with publicly accessible source code enabling continuous peer review and rapid vulnerability identification. This transparency and flexibility complement AI integration, which enhances real-time IDS, IPS, and adaptive response capabilities. By processing vast data, AI algorithms identify anomalies and potential cyber threats which compromise device and network integrity.
Leveraging AI-driven risk analysis, contextual factors like user location, device health, and behavior patterns dynamically modify access privileges. For example, accessing sensitive data from an unusual location may prompt the system to require additional authentication methods. The convergence of OSS and AI facilitates continuous learning from past incidents, current trends, and emerging attack vectors, empowering the system to maintain a proactive and agile defense strategy. Real-time analysis of cyber trends and emerging threats ensures organizations can swiftly adapt to evolving techniques, bolstering their cybersecurity resilience.
Embracing ZTA is a necessity for protecting sensitive data, critical infrastructure, and national interests. The transparency and flexibility of OSS form a strong foundation for security, while AI-driven capabilities empower the system to detect and respond to cyber threats in real time. By prioritizing digital identity solutions and leveraging the full potential of AI and OSS, a secure and resilient digital ecosystem will further strengthen cyber security.
Maj. Nicholas Dockery is a research fellow for the Modern Warfare Institute. He is also a Downing Scholar, an active duty special forces officer, and a contributor to the Irregular Warfare Initiative. The views expressed are those of the author(s) and do not reflect the official position of the United States Military Academy, Department of the Army, or Department of Defense.
- Distribucija vsebine in PR s pomočjo SEO. Okrepite se še danes.
- PlatoData.Network Vertical Generative Ai. Opolnomočite se. Dostopite tukaj.
- PlatoAiStream. Web3 Intelligence. Razširjeno znanje. Dostopite tukaj.
- PlatoESG. Avtomobili/EV, Ogljik, CleanTech, Energija, Okolje, sončna energija, Ravnanje z odpadki. Dostopite tukaj.
- BlockOffsets. Posodobitev okoljskega offset lastništva. Dostopite tukaj.
- vir: https://www.defensenews.com/c2-comms/2023/07/31/a-win-a-miss-and-a-path-to-stronger-digital-authentication/
- :ima
- : je
- :ne
- 2019
- 2021
- 70
- a
- O meni
- Akademija
- dostop
- dostopen
- Dostop
- Račun
- Doseči
- čez
- Ukrep
- aktivna
- dejavnosti
- prilagodijo
- Dodatne
- naslavljanje
- uprava
- Sprejem
- Sprejetje
- Prednosti
- prihod
- zagovorništvo
- po
- proti
- okreten
- AI
- AI integracija
- algoritmi
- uskladiti
- Dovoli
- Prav tako
- ambiciozni
- Ameriška
- an
- Analiza
- in
- kaj
- kdo
- pristop
- Arhitektura
- SE
- Army
- okoli
- AS
- vidik
- Ocene
- povezan
- At
- napad
- Napadi
- Poskusi
- Preverjanje pristnosti
- Na voljo
- Ravnovesje
- uravnoteženje
- temeljijo
- Osnova
- BE
- bilo
- počutje
- koristi
- Prednosti
- med
- Poleg
- Bidena
- Bidenova uprava
- tako
- kršitve
- širši
- Proračuni
- vendar
- by
- poziva
- CAN
- Zmogljivosti
- lahko
- kapaciteta
- Vzrok
- Spremembe
- CISA
- Koda
- sodelovanje
- boj proti
- skupnost
- Dopolnilo
- kompleksna
- skladnost
- zapleten
- celovito
- Kompromis
- računalniki
- Skrb
- Razmislite
- kontekstualno
- neprekinjeno
- stalno
- izvajalci
- prispeva
- Nadzor
- Konvergenca
- stroški
- bi
- Svet
- Ustvarjanje
- Creative
- POVERILNICA
- poverilnice
- kritično
- Kritična infrastruktura
- Trenutna
- customization
- meri
- cyber
- kibernetska varnost
- kibernetski kriminaliteti
- cybercriminals
- Cybersecurity
- škoda
- datum
- obdelava podatkov
- Decentralizirano
- decentraliziranih omrežij
- Odločitev
- namenjen
- globoko
- Deep Fakes
- Defense
- daje
- deloitte
- dokazuje
- Oddelek
- oddelek za obrambo
- Izpeljano
- zasluži
- podrobno
- Odkrivanje
- Razvoj
- Razvoj
- naprava
- digitalni
- digitalni ekosistem
- digitalna identiteta
- digitalni svet
- Direktor
- distribucija
- do
- DoD
- ne
- domena
- Ime domene
- Domače
- Downing
- 2
- dinamično
- dinamično
- e
- Zgodnje
- lahka
- ekosistem
- Učinkovito
- učinkovite
- E-naslov
- smirkovim
- je poudaril,
- zaposlovanja
- opolnomočiti
- pooblastitvi
- omogočanje
- obsežno
- spodbujanje
- šifriranje
- okrepi
- Izboljša
- izboljšanje
- zagotovitev
- zagotavlja
- zagotoviti
- okolje
- zlasti
- bistvena
- Eter (ETH)
- vedno spreminjajoče se
- razvija
- Primer
- izvršni
- izvršilni red
- izkušnje
- strokovno znanje
- Strokovnjaki
- izražena
- razširiti
- soočen
- olajša
- dejavniki
- Napaka
- Zvezna
- pristojbine
- kolega
- finančna
- napake
- prilagodljivost
- za
- sile
- Forenzik
- predvidljiva
- obrazec
- Fundacija
- razdrobljenost
- iz
- polno
- nadalje
- Poleg tega
- Prihodnost
- vlada
- vladni
- hekerji
- taksist
- škodovalo
- Dovoljenje
- he
- Zdravje
- skrita
- poudarjanje
- ovira
- Vendar
- HTML
- http
- HTTPS
- Identifikacija
- identificirati
- identiteta
- REŠITVE IDENTITETE
- ID-ji
- slike
- Takojšen
- izvajanja
- Pomembnost
- izboljšanje
- izboljšanju
- in
- nesreča
- vključujejo
- Vključno
- povečal
- narašča
- vedno
- posamezniki
- neučinkovit
- Podatki
- Infrastruktura
- začetna
- pobuda
- pobud
- primer
- Inštitut
- Institucije
- Integrira
- integracija
- celovitost
- Intelligence
- interakcije
- medsebojno povezani
- interesi
- v
- Predstavlja
- zaznavanje vdorov
- naložbe
- vključujejo
- IT
- jpg
- Ključne
- Pomanjkanje
- Pokrajina
- vodi
- vodi
- učenje
- Legacy
- Zakonodajni
- manj
- Vzvod
- vzvod
- licenciranje
- kot
- Limited
- kraj aktivnosti
- Long
- dolgo pričakovano
- nižje
- stroj
- strojno učenje
- v glavnem
- vzdrževati
- vzdrževanje
- upravljanje
- zapadlosti
- Maj ..
- McKinsey
- merjenje
- ukrepe
- Srečati
- Metode
- Microsoft
- Vojaška
- Model
- sodobna
- Modern Warfare
- spremenite
- mesec
- več
- učinkovitejše
- Najbolj
- Gibanje
- MSN
- morajo
- Ime
- Nasdaq
- nacionalni
- potrebno
- Nimate
- potrebna
- potrebe
- mreža
- Dostop do omrežja
- omrežij
- nst
- predvsem
- opozoriti
- Cilji
- pojavijo
- of
- ponujanje
- Ponudbe
- Office
- Častnik
- Uradni
- pogosto
- on
- samo
- odprite
- open source
- Odprtokodna programska oprema
- deluje
- operativno
- Priložnosti
- or
- Da
- organizacije
- Oss
- Ostalo
- zunaj
- partnerski
- preteklosti
- pot
- vzorci
- peer
- Mesta
- Načrt
- Platforme
- platon
- Platonova podatkovna inteligenca
- PlatoData
- igra
- politika
- Stališče
- potencial
- potencialno
- Predvidljivo
- preprečiti
- Preprečevanje
- preprečuje
- prejšnja
- Načelo
- določanje prednosti
- zasebna
- Zasebni sektor
- privilegiji
- Proaktivna
- Procesi
- obravnavati
- produktivnost
- projekti
- obetaven
- zaščito
- protokol
- zagotavljajo
- zagotavlja
- javnega
- zaupanje javnosti
- javno
- Kvantna
- kvantni računalniki
- hitro
- pravo
- v realnem času
- nedavno
- Recept
- zmanjšanje
- Zmanjšanje
- odražajo
- redni
- ostanki
- daljinsko
- delo na daljavo
- Prijavljeno
- predstavlja
- zahteva
- Zahteve
- potreben
- Raziskave
- odpornost
- odporno
- viri
- Odzove
- Odgovor
- odgovornosti
- Odgovornost
- rezultat
- pregleda
- Mnenja
- vrti
- Pravica
- Rise
- Tveganje
- robusten
- vloga
- s
- varovanje
- sheme
- Učenjak
- Znanost
- sektor
- Sektorji
- zavarovanje
- varnost
- varnostne ugodnosti
- kršitve varnosti
- Segment
- občutljiva
- služi
- Delite s prijatelji, znanci, družino in partnerji :-)
- shouldnt
- pomemben
- bistveno
- poenostavljeno
- saj
- Software
- Rešitev
- rešitve
- prefinjenosti
- vir
- Izvorna koda
- posebna
- specifična
- specifičnosti
- interesne skupine
- standardna
- stark
- Države
- Strategija
- Okrepiti
- močna
- močnejši
- polnjenje
- precejšen
- taka
- podpora
- Površina
- povečal
- hitro
- sistem
- sistemi
- prevzeti
- ob
- tehnike
- Izraz
- da
- O
- njihove
- Tukaj.
- zato
- te
- ta
- tisti,
- Grožnja
- odkrivanje groženj
- grožnje
- čas
- časovnice
- do
- orodje
- orodja
- tradicionalna
- usposabljanje
- prenos
- transformativno
- Preglednost
- Trends
- Zaupajte
- zaupanja vreden
- nas
- nedvomno
- Velika
- Združene države Amerike
- nenavadno
- predstavil
- nujno
- us
- nas vlada
- uporaba
- uporabnik
- Uporabniška izkušnja
- Uporabniki
- uporabo
- Uporaben
- dragocene
- Popravljeno
- ogledov
- ranljivost
- Dobro
- ki
- medtem
- bo
- zmago
- z
- v
- delo
- svet
- po vsem svetu
- zefirnet
- nič
- ničelno zaupanje