In what is likely the first open letter to President-Elect Donald J. Trump from a member of the U.S. cybersecurity community, an industry leader has made three smart recommendations regarding the nation’s security defenses—including choosing one standard security compliance framework (NIST), reducing dependence on enterprise perimeters, and expanding the educational Cyber Corps program.
HyTrust applauds all three recommendations and is already helping Federal agencies meet them. In fact, our company has been on the forefront of these initiatives for years—and will continue to be long into the future.
With our long history working with Federal agencies and participating in the National Institute of Standards and Technology (NIST), we’re excited to see a cyber security expert proactively address the growing risk of large-scale cyber threats to the U.S. with the new administration.
In his first recommendation, Dr. Edward G. Amoroso, former Chief Security Officer of AT&T and founder of TAG Cyber stated:
Direct that the NIST Framework shall be the only acceptable cyber security compliance standard in the U.S. We have too many compliance frameworks and this diverts the attention of our nation’s cyber defenders from security operations to administrative paperwork. Demand that compliance be done properly, but that it be done only once using the NIST framework.
HyTrust is an active long-time supporter of the NIST Cybersecurity Framework. That’s why HyTrust’s Cloud Workload Security solutions were developed specifically to support the NIST standards.
The NIST Cybersecurity Framework delivers significant benefits because it includes leading best practices from various standards bodies that have proven to be successful. It also delivers regulatory and legal advantages that extend well beyond improved cybersecurity.
Our commitment runs so deep that we have a long and strong history supporting NIST and working with a wide range of Federal agencies to strengthen their cybersecurity through this framework. Also, HyTrust has supported the adoption of the NIST standards in a variety of ways, including cloud computing workshops, use-case definitions, reviews of early 800-125 drafts, continuous monitoring, and crypto workshops.
What’s more, HyTrust was a key contributor to the creation of “Trusted Geolocation in the Cloud,” one of the foundational building blocks when the NIST National Cybersecurity Center of Excellence was established in April of 2013. Primarily because of this work HyTrust became a founding NCEP partner, and participated in the inaugural signing ceremony. Further, we’ve pledged to continue our support as a partner and collaborator on future projects, including Financial Services Access Rights Management.
In his second request to the president-elect, Dr. Amoroso states:
Direct that each government agency shall immediately implement a plan to reduce their dependence on an enterprise perimeter. When the first major cyber attack is launched against our country during your administration, it will certainly exploit some weak existing perimeter, so this must be fixed at once.
We wholeheartedly agree. In fact, HyTrust’s whole approach is that there is no perimeter—and that security policy has to be applied at the highest point of vulnerability in the IT infrastructure by asking who or what has control and visibility of the compute, network, and storage workload.
In his third recommendation, Dr. Amoroso advises:
Direct that each government agency shall significantly expand their Cyber Corps program for young people interested in a cyber security career.
This could not be more important. Many Federal agencies have experienced an acute shortage of IT talent over the past few years, especially in high-demand areas like cybersecurity, data science, and software development. To help support an expanded cyber workforce, we have actively recruited and trained dozens of undergraduate and graduate program interns in cybersecurity within our organization. Today they are among our best and brightest.
HyTrust’s pro-active approach to today’s cybersecurity challenges has resulted in significant growth—a trend we expect to continue in the coming New Year and beyond as more Federal agencies face the harsh realities of today’s unrelenting cyberthreats.
We are looking forward to continuing our work under the new administration to help keep the U.S. cyber defenses strong and secure from each and every cyberthreat—both near and far.