Federal News Network hosted another successful Industry Exchange Cyber event in late January, where ExtraHop Senior Strategic Advisor, Sarah Cleveland, joined experts from iProov, Cisco, and Dakota State University to discuss cybersecurity in the public sector with Tom Temin, host of The Federal Drive. Cleveland and Temin had a wide-ranging discussion, touching on network visibility, zero trust, artificial intelligence (AI), and how Cleveland’s background as a retired Air Force Colonel influences her approach to cybersecurity.
There’s No Zero Trust Without Network Visibility
One of the fundamental principles of cybersecurity is that you can’t protect what you can’t see. For the modern government agency, that means knowing at any given time who and what is on your network, how data is flowing across it, and the health of your endpoints. Temin and Cleveland agree that this isn’t a static picture: endpoints, data flows, and users are dynamic. If you want to protect your network, AND get the highest level of performance from it, you need to understand how all these different factors work together and shift over time.
And that understanding is even more important when you’re implementing a zero trust architecture. Zero trust presumes that attackers are already inside the network. Network visibility shows you what users, applications, and other entities are doing so you can decide how to control workflows and the flow of data. Without clear, granular visibility, it’s not possible to enforce policies like microsegmentation.
Cleveland also highlights the connection between zero trust, visibility, and application management. “Everything works on applications in the modern network, so application management is key to visibility, zero trust, and understanding where and how your data is being used.”
Visibility into applications can also help you modernize your agency. “Anything on your network creates vulnerabilities and needs to be protected. So you need to get rid of the applications on your network that you aren’t using, because otherwise you have to spend time and energy protecting and monitoring them. The less complicated your network is, the easier it is to create a holistic picture.”
Artificial Intelligence Will Make Zero Trust Successful and Network Visibility Attainable
Cleveland advises security practitioners to embrace AI, but with some degree of caution. AI is a tool, like a calculator, that can help direct the valuable time and intellectual energy of security professionals towards tasks that make better use of their skills.
Much like a calculator, AI’s outputs are only as good as the data fed into it. Security analysts relying on an AI tool to monitor their network need to understand how that tool generates alerts so they can respond to them intelligently. Used correctly, AI can help security teams respond to threats more quickly and accurately.
Teamwork is Crucial for Zero Trust Success
Temin asked Cleveland how her background as a retired Air Force Colonel influences her perspective on cybersecurity, and her answer was definitive: “Working together with people in small teams is critically important in cybersecurity. You need various skill sets at various levels of competency to obtain the outcomes your organization really needs.”
That wisdom holds true not only for cybersecurity teams at individual organizations, but for the concept of zero trust, too. “It’s one of the things that attracts me to zero trust,” Cleveland says. “You can’t do it with one or two vendors. You have to have a bunch of folks with different technologies come together and agree to work on this problem.”
Watch the whole interview below. Learn how RevealX supports zero trust. Share your thoughts on zero trust in the public sector on the ExtraHop customer community.