The White House recently released the CNAP – Cybersecurity National Action Plan. This is a big step forward for securing the U.S., as it urges a 35 percent increase in cybersecurity expenses in the upcoming budget. The plan includes several policy points which are worth some discussion.
Acknowledging the importance of multi-factor authentication
Single factor authentication is an outdated and almost irrelevant security measure. Switching to multi-factor authentication is well overdue. Moreover, it is important not to be content with only two-factor authentication as more and more malwares are able to bypass even this method. You can read our blog post for an example of this type of attacks.
In addition, part of the plan states the administration wants to reduce the use of Social Security numbers as an authentication method. This again is a good advancement as each year millions of dollars are lost to social security and IRS frauds.
Einstein is an intrusion detection and prevention system, intended to protect government agencies. It was recently criticized due to its limited abilities, lagging behind the latest technologies in the field. The source for this criticism is a recent report of the U.S. Government Accountability Office, which found EINSTEIN does not meet its requirement and is incapable of monitoring basic types of network traffic. As part of the new act, the administration wants to renovate this system and turn it into an up-to-date protection for the government.
Cybersecurity training to reach over 1.4 million small businesses
This is a major point. Cyber threats are not limited to enterprises, they also target SMBs. In fact, according to some reports, 62 percent of cyberattacks target SMBs. However, unlike large corporations, small businesses are often less aware of cyber threats and therefore do not take protective actions to defend themselves. Moreover, an attack that would only cause minor damages to a big enterprise could be devastating for an SMB.
SMB IT teams are tasked with the upkeep of system and network health across the entire organization. SMBs often cannot handle the costs of dedicated security engineers and lack the skills needed to properly secure critical business resources. As a result, SMB organizations are increasingly the target of Internet attacks due to insufficient security controls.
For these reasons we at Check Point have long stressed the reality of this imminent threat and developed technologies specifically designed to protect SMBs. Check Point SMB security solutions integrate advanced protections to prevent cyberattacks and zero-day threats while maintaining maximum Internet performance in a single platform. Unlike other security means, these technologies aim to not only detect, but to prevent cyber threats. This is crucial for SMBs, which often cannot handle the costs of a breach and must prevent attacks in order to survive them. This single platform requires low management and minimal IT skills while providing the same breadth of protection as a large enterprise would receive.
Improve Cyber Incident Response
Another important point is responding to cyberattacks in a fast and professional manner. It is extremely important to mitigate threats as fast as possible. In fact, Recent research conducted by the Ponemon institute revealed the damage to an organization grows exponentially the longer the attack lasts.
In order to detect and remediate threats promptly, security administrators need a clear and coherent view of their networks. Check Point’s newly introduced SandBlast Agent analyses threats automatically in order to detect the various components of the attack. It provides automated reports that explicitly point out how the malware got in, what was the damage and how far it spread, all at the click of a button.
A solid step forward, but there’s a long distance to go
The CNAP has a long way to go, as it remains to be seen how much of it will be funded, and then how soon it can begin to be implemented. That being said, there is a clear need for more actions to be taken, far beyond this plan’s scope.
But we’ve got to start somewhere, don’t we?