How to create data resilience by leveraging backups, zero trust and artificial intelligence

Data is a strategic asset, and the U.S. military needs seamless access to it across all networks, devices, and infrastructure — all the way to the tactical advantage. Mission-critical defense operations depend on secure, readily available data.

As the DoD and military services digitize operations, data becomes a primary target for adversaries. Threats are becoming more and more advanced. Ransomware, destructive malware and supply chain attacks can evade perimeter defense. Additionally, DoD environments are mobile, dynamic, and distributed, which makes protecting data in such environments difficult. Coalition environments create additional challenges as the MoD must assume the partners’ data security risks.

And, according to the World Economic Forum’s Global Cybersecurity Outlook 2024 – published in January – the world “faces [in 2023] a polarized geopolitical order, multiple armed conflicts, skepticism and fervor about the implications of future technologies, and global economic uncertainty.” Further indicating that there is a growing cyber disparity between organizations that are cyber resilient and those that are not.

Protecting the confidentiality, integrity and availability of DOD data against nation states and other adversaries is critical. The last Cybersecurity Strategy of the Ministry of Health notes that US adversaries seek to use malicious cyber attacks to achieve asymmetric advantages by targeting critical US infrastructure and undermining US military superiority.

Leverage backup and automation

How can the Ministry of Development operate and protect data at speed and scale?

A strong data-centric approach that integrates capabilities such as data discovery, classification and observability, at layers with artificial intelligence and machine learning (AI/ML) can provide continuous visibility into the risks of distributed data. Integrating backup data adds context to detect abnormal access attempts and insider threats. Many IT teams view backup primarily for disaster recovery rather than cyber resilience.

According to recent Data security status report, 90% of ransomware attacks target backup stores first. Air-gapped, immutable backups with isolated recovery enable companies to keep operations running even when primary systems are compromised. Cyber ​​recovery goes beyond basic backup requirements, but is necessary to achieve the cyber resilience principles outlined by the National Institute of Standards and Technology (NIST).

The Department of Defense should be religious about backups in the same way that the Ukraine long before the Russian invasion, noted Robert Joyce, director of cyber at the National Security Agency. Silverado Policy Accelerator Summit, last year. Having an organization’s processes in place before a disaster is critical to quickly recovering and returning to a known, reliable state.

Artificial intelligence and machine learning are powerful technologies, but they are not ends in themselves. They provide information to help achieve mission outcomes. However, adversaries could try to poison or manipulate the training data to degrade the performance of AI systems. Maintaining high quality, representative data and cyber security is important.

Strong data pipelines and observability are imperative to trust AI/ML-based decisions. AI/ML can improve decision making, but the integrity of the underlying data is critical. If poisoning occurs, the systems produce inaccurate results. It’s important to keep track of where each piece of data came from and whether it’s still up-to-date, as well as strong access controls and redundancy to help secure AI/ML data pipelines.

Zero trust application

DoD officials have recognized that defending networks solely with robust and increasingly sophisticated perimeter defenses is no longer sufficient to achieve cyber resilience and information security in an enterprise that spans geographic borders, interconnects with external partners, and supports millions of authorized users worldwide.

To address these challenges, the Department of State is moving toward an improved cybersecurity framework based on zero-trust principles that must be adopted across the department. The basic principle of the zero-trust model is that no person, data, system, network or service operating outside or inside the security perimeter can be trusted. Instead, in this new normal of an alleged breach mentality, anything and everything that attempts to create access must be verified.

Adversaries are primarily looking for two things, access and data. A cornerstone of zero trust is implementing strong authentication and access controls, such as multi-factor authentication. Secure enterprise-level identity management is essential, otherwise adversaries can compromise user accounts to infiltrate networks, exfiltrate data, and launch attacks. Data is becoming increasingly valuable and vulnerable.

Data weaponization or data breach are threats that should also be considered when implementing zero trust, especially when migrating to pre-existing IT environments. To this end, zero trust must evolve to better protect data and incorporate cyber resilience.

Data plays a huge role in the Department of Health’s aims to leverage AI and ML. Without robust, secure, immutable, and reliable data, the creation, evolution, and use of artificial intelligence for national security applications will be severely limited.

Defense services must gain visibility and control of data across all environments, from on-prem, across networks and multiple clouds, to the tactical edge and across all domains—land, air, sea, cyber and space. To reach this end state, defense agencies must harness the power of automation, AI/ML, data observability, and other capabilities to detect threats faster and reduce response time.

Identification of unknown hazards

Holistic data observability, including classification, access patterns and blame detection, enables organizations to uncover unknown risks and be more proactive. Combined with multi-layered analytics and behavioral detection, this visibility enables predictive and automated security responses.

To scale security, automation and orchestration are key. Policy-based data protection and integrated threat flows enable much greater speed and consistency than manual processes.

By focusing on data-centric visibility, protection and validation capabilities, zero-trust architecture, and automated response, the State Department can implement cyber resilience at an enterprise scale. Staying ahead of rapidly evolving threats is imperative to maintaining the information advantage.

As new attack vectors emerge, defense agencies must implement a security strategy aligned with today’s hybrid, hyper-connected environments. Cyber ​​resilience ultimately depends on the ability to protect critical data wherever it resides. Defense leaders must make strong data security a vital component of the sector’s cyber readiness and mission success.

Travis Rosiek is Public Sector CTO at Rubrik

Read the original at Defence247.gr

Related Posts