Key takeaways from the 2024 Report on the Cybersecurity Posture of the United States

The Office of the National Cyber Director’s (ONCD) 2024 Report on the Cybersecurity Posture of the United States highlights significant trends and areas of concern in the evolving cyber threat landscape. Notably, it underscores the growing risks to critical infrastructure, the persistent threat of ransomware, the exploitation of supply chains, the proliferation of commercial spyware and the dual-edged impact of artificial intelligence.

Brian Borysewich, Chief Information Security Officer (CISO) at C8 Secure, provides his insights on the report, emphasizing the importance of enhanced public-private collaboration, robust incident response plans, advanced threat detection technologies and comprehensive training programs. By adopting these measures, organizations can build a resilient cybersecurity framework to defend against ever changing and increasingly sophisticated persistent cyber attacks.

Q&A with Brian Borysewich

What were your initial impressions after reading the 2024 Report on the Cybersecurity Posture of the United States?

The report identifies several areas needing significant improvement. These include the need for enhanced collaboration between public and private sectors, improved cyber hygiene practices across all industries, and the development of more robust incident response plans. Additionally, there is a call for greater investment in cybersecurity research and development to keep pace with the evolving threat landscape.

Was there anything in the report that surprised you or confirmed what you are already seeing in the industry?

The emphasis on commercial spyware was particularly striking. While we’ve been aware of its existence, the report’s detailed analysis confirms its rapid growth and the significant

threat it poses. The extent to which these tools are being developed and sold by private vendors to nation-state actors was eye-opening. This aligns with what we are already seeing in the industry, where the lines between nation-state and criminal activities are increasingly blurred. The sophistication and availability of these surveillance tools are growing at an alarming rate, making it easier for malicious actors to carry out highly targeted and invasive attacks.

Another point of confirmation was the continued threat posed by ransomware. The report’s findings on ransomware mirror what we’ve been observing: ransomware groups are becoming more organized and their tactics more advanced. They are continually finding new ways to evade detection and disrupt operations, which reinforces the need for constant vigilance and adaptive security measures within organizations.

Overall, the report validates many of the trends and threats that cybersecurity professionals have been monitoring, but it also highlights emerging areas that require immediate attention and action.

How do the findings of this report compare to some of your other governmental agency experiences?

The findings of the 2024 report are notably more detailed and forward-looking compared to other governmental agency reports I’ve encountered. One significant difference is the comprehensive integration of emerging technologies, such as artificial intelligence, into the broader discussion on cybersecurity. Many previous reports have touched on traditional cybersecurity threats and responses but have not delved as deeply into how rapidly advancing technologies are reshaping the threat landscape.

Additionally, this report places a strong emphasis on the interconnection of cyber threats and the broader geopolitical environment. It recognizes that cyber risks are not isolated incidents but are often part of larger strategic moves by nation-state adversaries. This holistic view aligns well with the realities we see in the industry, where cyber threats are increasingly used as tools of political and economic influence.

Another standout aspect is the report’s focus on the commercial spyware market and its implications. This is a relatively new area of concern that hasn’t been covered in as much depth by other reports. The acknowledgment of commercial entities contributing to the cyber threat landscape by selling advanced surveillance tools to nation-state actors is a critical insight that requires immediate attention and regulatory action.

Furthermore, the report’s recommendations for enhancing collaboration between the public and private sectors, as well as investing in cybersecurity research and development, reflect a progressive approach that is essential for addressing modern cyber threats. In my experience with other governmental reports, there is often a lag in recognizing the need for such proactive measures.

Overall, the 2024 report provides a more nuanced and forward-thinking perspective that is crucial for developing effective cybersecurity strategies in today’s rapidly evolving digital world.

What are the best measures government agencies or organizations should take in the face of ever-growing cyber attacks?

Government agencies and organizations must adopt a proactive and layered defense strategy to effectively combat the ever-growing threat of cyber attacks. Here are some of the best measures they should consider.

• Enhanced collaboration
  • Foster stronger collaboration between public and private sectors.
  • Share threat intelligence, best practices and resources.
  • Establish partnerships and communication channels.
• Regular security audits and assessments
  • Conduct regular security audits and assessments.
  • Perform internal and external evaluations.
  • Update vulnerability assessment and penetration testing (VAPT) regularly.
• Advanced threat detection and response using latest technologies
  • Invest in AI-driven analytics, machine learning and behavioral analysis tools.
  • Implement Security Information and Event Management (SIEM) systems.
• Robust incident response and mitigation plans
  • Develop and maintain clear procedures for detecting, responding to, and recovering from cyber incidents.
  • Regularly test and update these plans through simulations and drills.
• Comprehensive training and awareness programs
  • Provide ongoing cybersecurity training and awareness programs for all employees.
  • Educate staff on recognizing phishing attempts, social engineering tactics and other common attack vectors.
• Cyber hygiene practices – protecting the environment
  • Implement and enforce strong cyber hygiene practices.
  • Ensure regular software updates, patch management and the use of multi-factor authentication (MFA).
• Supply chain security
  • Strengthen supply chain security by assessing and monitoring third-party vendors and partners.
  • Establish strict security requirements and conduct regular assessments.
• Investment in research and development
  • Allocate resources to cybersecurity research and development.
  • Invest in innovative technologies and methodologies to stay ahead of emerging threats particularly around advancements in AI and artificial general intelligence (AGI).
• Legislative and regulatory compliance
  • Ensure compliance with relevant cybersecurity regulations and standards, and not simply performing Checkbox Security.
  • Stay abreast of legal requirements and industry standards.
• Public awareness campaigns using all mediums
  • Engage in public awareness campaigns to educate citizens about cybersecurity risks and best practices.
  • Increase public knowledge and vigilance to create a more secure digital environment.

With cyber threat incidents on the rise, C8 Secure is committed to working closely with corporations and governmental agencies to provide practical, adaptable, preventable and problem-solving security solutions.

Learn how our expertise can help your organization stay ahead of cyber threats – contact us today!

Let’s Get Started