The nation’s network infrastructures have demonstrated their resiliency against a range of cyber-attacks in the past few years but these networks are being tested more severely as the size and scale of attacks grow, according to a new report by the Departments of Commerce and Homeland Security.
The report offers a vision for protecting infrastructure in the future, saying “Infrastructure providers of all types must develop a broad understanding of the benefits of shared defense approaches, and communities should work together to drive best practice adoption,” says the joint report, which was directed by President Trump’s executive order on cyber security in May 2017. It also says that enterprise networks should adopt the recommendations of the Cybersecurity Framework developed through a public-private collaboration managed by the National Institute of Standards and Technology several years ago.
“DHS has recommended ways to improve our federal risk poster and modernize the federal IT enterprise,” Homeland Security Secretary Kirstjen Nielsen said in a statement on Wednesday that preceded the release of the new report. “Additionally, the department has outlined how it will prioritize private sector access to tailored intelligence and capabilities in order to mitigate risk where a cybersecurity incident could result in catastrophic effects. Lastly, DHS worked closely with the Department of Commerce in crafting recommendations to improve the resilience of the Internet of Things ecosystem and dramatically reduce the ever-growing botnet threat.”
In a separate report released on Wednesday that was also required by the executive order, the two departments say the U.S. needs to immediately address challenges in sustaining and improving the cyber security workforce, noting too that there are shortages of teachers and faculty in all levels of the American education system that are knowledgeable and skilled in this area.
Among the workforce report recommendations are a federally-led “high-profile Call to Action” to address cyber security workforce needs and a focus by the Trump administration on policies and funding for the long-term for “high-quality, effective cybersecurity education and workforce development programs.”