Todd Helfrich, vice president of federal sales at SentinelOne (NYSE: S), said government agencies should advance cyber resiliency, adopt industry best practices and reduce the identity attack surface to protect endpoints and networks from cyber adversaries.
Helfrich wrote that guidance released by the National Institute of Standards and Technology in response to the White House’s cybersecurity executive order has highlighted cyber resiliency.
“NIST’s guidance is helping agencies harden enterprises and develop the ability to rapidly detect adversaries through endpoint behavior analysis, endpoint detection, command line monitoring, exploitation for credential access, forced authentication and event monitoring,” he noted.
He said agencies should look at “identity as the new network perimeter,” scale down the attack surface by identifying over-privileged users, cached credentials and other identity-related cyber hygiene problems, and understand the importance of identity threat detection and response.
According to Helfrich, Mitre’s ATT&CK process and Engage and D3FEND tools “augment NIST’s Risk Management Framework and cyber resiliency guidance by helping agencies deploy active cyber defense technologies.”
Helfrich cited the need for agencies to automate network and endpoint security amid the cybersecurity workforce shortage.
“By implementing automation specific to endpoint and network security, agency employees can eliminate routine, manual activities and instead focus on policy, security configurations and cyberthreat hunting to improve their ability to block, defend and contain attackers,” he added.