Jen Easterly, the new Director of the Cybersecurity & Infrastructure Security Agency CISA, recently sat down for a great, relaxed, and open discussion with Dave DeWalt, the former CEO of FireEye and McAfee. As she astutely mentioned, cybersecurity has become a “kitchen table” discussion across America over the last year, with ransomware, critical infrastructure attacks, and other cyber attacks becoming commonplace news items. Whether you are in the public or private sector, I highly recommend watching the whole interview. You can view it here: https://www.nightdragon.com/blog/nightvision-fireside-chat-cisa-director-jen-easterly
Jen has a long and distinguished career that includes serving the Army, the NSA, the White House, and Morgan Stanley. And it shows when she speaks. She is high quality and knows the cybersecurity space from end to end.
I mentioned that security professionals in both public and private sectors should watch the video. That is because Jen and CISA are taking on a leadership role to chart the course for a broad national strategy that includes businesses in healthcare, infrastructure, financial services, and others. I applaud CISA for thinking broadly and realizing, as Jen repeatedly says in the interview, that everything is connected and can expose other parts to risks. CISA wants to work with private enterprises and send signals to encourage all participants to strive to do better, especially when it comes to supply chain visibility and protecting critical infrastructure.
While there is a lot to unpack in the interview, I wanted to focus on two key themes:
- Threat Research
Timely, Relevant and Actionable Intelligence
Visibility, in its various forms, is so important that Jen dedicated a significant portion of the interview to the topic. She said that it is critical to have “timely, relevant and actionable intelligence” upon which to act on. Specifically, she discussed needing visibility into: zero-day threats and critical vulnerabilities, and supply chain exposures.
When it comes to detecting and acting on zero-day threats, I think one of the most important parts of Jen’s message was the need to protect ALL endpoints and networks of the interconnected ecosystem. Whether it is public or private, traditional or mobile (citing the billions of mobile devices out there accessing data), network or IoT, it all needs protecting. This is the classic “weakest link” argument, and it is spot on. She talked about the importance of zero trust architectures and XDR to bring it all together.
Shifting to the need to have visibility into critical vulnerabilities, Jen said that there needs to be “foundational improvements” across the whole infrastructure. These improvements include the requirement to patch critical vulnerabilities in operating systems and applications and to understand all components in applications from a supply chain perspective to avoid another SolarWinds-like exposure. The DHS Binding Operational Directive (BOD) 22-01 published on November 3rd is an example of great work on the former, as it establishes a CISA-managed catalog of known exploited vulnerabilities that carry significant risk to the federal enterprise and establishes requirements for agencies to remediate any such vulnerabilities. The current Security Bill of Materials (SBOM) (H.R.4611 – DHS Software Supply Chain Risk Management Act of 2021) being considered is a perfect example of efforts focused on the latter issue, as it seeks to inventory and attest to all components in applications.
Igniting Threat Research
When Dave asked Jen what kept her up at night, she had a great answer: “It’s not what keeps me up at night, but what gets me up in the morning!” She is excited to work with the best security teams and companies in the world to share and improve data and analytics. Specifically, she said she really wanted to “ignite the research community” to come together, share information and help get ahead of trends.
How Zimperium Can Help
As the global leader in mobile security, Zimperium is helping public and private sector organizations protect their mobile endpoints and apps every single day. For example, coming back to Jen’s key points above, here is how Zimperium provides value:
|Requirement||How Zimperium Helps|
|Visibility: Zero Day Attacks||Zimperium provides the world’s best zero day threat detection on the missing 60% of endpoints accessing agency and corporate networks: mobile devices. In addition to machine learning-based detections of device, network, app and phishing attacks with our zIPS offering, Zimperium offers the most complete mobile threat insights offering to really help organizations understand and act on the data.|
|Visibility: Vulnerabilities||Zimperium zIPS not only identifies all mobile devices that are running outdated and vulnerable operating systems, but it also includes detailed descriptions of all CVEs/CVSS scores and whether or not a device can actually be upgraded (mostly for the Android OEMs).|
|Visibility: Supply Chain||For every app on an employees’ mobile devices, Zimperium’s z3A provides detailed analyses of all security and privacy risks.|
|Threat Research||Zimperium zLabs Advanced Research and Exploitation team is the world’s most qualified and talented collection of researchers focused 100% exclusively on mobile.|
We are excited to continue collaborating with CISA to help protect the mobile components of the interconnected ecosystem. I would truly like to thank Jen and her whole team for their great efforts to help make cyber safer. If you have any questions or would like to learn more, please contact us.
Zimperium provides the only mobile security platform purpose-built for enterprise environments. With machine learning-based protection and a single platform that secures everything from applications to endpoints, Zimperium is the only solution to provide on-device mobile threat defense to protect growing and evolving mobile environments. For more information or to schedule a demo, contact us today.