Evolving Cybersecurity Takes More Than Money

Hitesh Sheth is the president and CEO of Vectra. Previously, he was chief operating officer at Aruba Networks and before that, he was EVP/GM at Juniper Networks.

PRIVATE SECTOR — The March 3 notice from the Department of Homeland Security’s cybersecurity command was crisp and urgent. The headline: “Mitigate Microsoft Exchange On-Premises Product Vulnerabilities”. It reported the discovery that Microsoft Exchange software at work on government agency property had been compromised by hackers. The emergency directive ordered all federal agencies to scan metadata for anomalous activity, unplug affected hardware, download patches, and report the job done by March 5.

On one hand, the reaction time mandated by CISA (the Cybersecurity and Infrastructure Security Agency) is admirable and gratifying. Getting anything done across the federal agency landscape in 48 hours is no small feat. On the other hand, an experienced observer’s heart sinks. Here’s yet another case in the cybersecurity world of rearguard action: damage control in the wake of a big breach. Good for CISA for bolting the barn door – but who knows how many horses have already left.

In aviation terms, we want CISA to perform like the FAA, implementing preventive measures that save lives. But too often it’s like the NTSB, sifting accident wreckage, trying to determine what cost lives.

The SolarWinds breach of critical infrastructure at Homeland Security, Defense, State, and Commerce, discovered in 2020, just highlighted our cyber vulnerabilities. Before detection, the malware slumbered within target systems for months – a known attack strategy that again outwitted endpoint defense systems.

Prevention technologies like firewalls aren’t much help when the fire’s smoldering on the inside.

When the scope of the SolarWinds attack came to light, the response options were mostly reactive; it was too late to be preventive. We haven’t yet catalogued all the damage. The after-action cleanup continues today, and probably will for years.


Still, most cybersecurity vendors sell the government prevention and some form of endpoint defense – and keep assuring Washington prevention is the go-to strategy.

The Biden administration’s COVID-19 relief package proposed more than $10 billion in new cybersecurity funding for CISA and the General Services Administration “to launch the most ambitious effort ever to modernize and secure federal IT and networks.” Good – but the bill is in flux on the Hill.

The Senate has already nixed another proposed $9 billion for federal IT modernization even though “antiquated” is too generous a word for much government cybersecurity tech. “I can only describe it, not to malign intent, but to a lack of understanding of why these investments are so important,” said Rep. Gerry Connolly (D-VA), chair of the House Government Operations Subcommittee.

The real, meaningful edge in cybersecurity today lies with internal system visibility, rapid exposure of intruders, and artificial intelligence that keeps the defense strategy in step with the attackers’ ingenuity. I guarantee our adversaries are using AI against us right now, but our government’s not yet there.


To get out of NTSB-style accident analysis and into a more secure posture, we need a tactical transition from less effective perimeter-defense tech to threat-detection solutions that give our critical infrastructure a fighting chance.

And a common security architecture across federal agencies, with a common core security infrastructure, would fortify them better against cyber assault. When agencies function as separate fiefdoms, building duplicative digital systems, it may be lucrative for Beltway contractor-consultants – but that $10 billion, if it’s appropriated, won’t go as far as it should.

Evolving cybersecurity takes more than money. It takes a shift in mindset.

All credit to CISA and federal IT departments for swift action on the Microsoft Exchange compromise – the swiftest possible today, anyway. Yes, take corrupted servers offline and download those patches. But let’s also move the government beyond reactive damage control thanks to obsolete security technology – defenses we know our enemies can outmaneuver. Let’s leverage AI to upgrade our systems, and our odds in this ongoing cyber conflict.
