July 18, 2022 By Akiba Saeedi 3 min read

Securing information and infrastructure is among the highest national security priorities. In recent months and years, we continue to see an escalating sophistication and frequency of attacks by malicious actors and nation-states. In response, leaders are taking action. The Executive Order 14028 has focused both the Federal government and the private sector on aligning to strengthen our nation’s cyber posture. New mandates such as the OMB’s Federal Zero Trust Architecture Strategy M-22-09 and OMB’s implementation of agency integration of NIST Software Supply Chain Security Guidance are driving focus. Spending levels are at an all-time high — both in terms of the funding poured into cybersecurity companies to innovate on new solutions, which more than doubled in 2021 and in the 2023 Federal Government budget request where cyber spending exceeds any prior budget at $22 billion (defense, civilian).

It is a huge undertaking that requires the collaboration of security experts in our agencies and from the ecosystem of industry security companies. The focus is to help federal agencies address one of the most pressing national security priorities of our time. Simply put, our “common mission” needs to be helping the U.S. government reinforce its defenses against increasingly sophisticated and persistent threat campaigns. That includes helping agencies progress and accelerate their zero trust journey and focusing on the nation’s significant skills gap. There has been a significant investment in technology by many agencies that are not yet fully exploited to serve their intended purposes. While innovations in technology are part of the solution, an equally important and perhaps harder to change element is the people, culture, and leadership alignment to the security priorities. These are the issues we are collectively tackling every day.

Cybersecurity is a team sport. Many companies aim to be great teammates on the field. There has to be an investment not only in solutions but in the cyber community itself. There are important public/private partnership initiatives also helping in the fight that aims to bring the best of industry knowledge together with the critical guidance of the U.S. government on cyber issues including:

  • CISA’s JCDC, Joint Cyber Defense Collaborative, announced last year, which leads the development and implementation of joint cyber defense plans and operations to enhance cyber resilience. Today it includes 21 private sector alliance members. Continuing its ongoing information-sharing partnership with CISA, IBM joined JCDC in January for threat intelligence sharing for greater situational awareness and preparedness. As stated in the JCDC fact sheet, dated March 2022, “Simply put, the work of the JCDC is about seeing the dots, connecting the dots, and collectively driving down risk to the nation at scale.”
  • NIST is driving numerous important initiatives, including an end-to-end zero trust reference architecture to help industry and government reduce the risk of cyber attacks and post-quantum cryptographic algorithms for future industry standardization. There are currently 22 vendors working on the Zero Trust reference architecture industry guidance that will offer practical steps for implementing an architecture for zero trust for several use cases. Recently, NIST announced the selection of four cryptographic algorithms. IBM Research team worked for years with NIST on developing three of those standards, in collaboration with a number of industry and academic partners.
  • In August 2021, President Biden met with private sector and education leaders to discuss the whole-of-nation effort to address cybersecurity threats. The Biden administration and these leaders announced ambitious initiatives to bolster the nation’s cybersecurity. IBM’s CEO Arvind Krishna shared five key commitments and initiatives, outlined in a LinkedIn article, “The Time to Prioritize Cybersecurity is Now.”

Helping the broader community address a well-recognized talent shortage is another important area of focus for cybersecurity industry leaders. As an industry leader, IBM is committed to addressing the cyber skills gap by investing in education and the workforce and focusing efforts on untapped diverse resources like the Historically Black College & Universities (HBCU) and Minority-Serving Institutions (MSI) communities.

IBM and others continue to think about how we can do more to help in the fight for improving the cyber posture of our nation. We look forward to the continued journey together.

For more information on how IBM can help, check out our new Cybersecurity in US Federal landing page, which we will continue to update and share news. To learn about accelerating zero trust plans and adoption, listen to this webinar.

More from Government

Updated SBOM guidance: A new era for software transparency?

3 min read - The cost of cyberattacks on software supply chains is a growing problem, with the average data breach costing $4.45 million in 2023. Since President Biden’s 2021 executive order, software bills of materials (SBOMs) have become a cornerstone in protecting supply chains.In December 2023, the National Security Agency (NSA) published new guidance to help organizations incorporate SBOMs and combat the threat of supply chain attacks.Let’s look at how things have developed since Biden’s 2021 order and what these updates mean for…

Roundup: Federal action that shaped cybersecurity in 2023

3 min read - As 2023 draws to a close, it’s time to look back on our top five federal cyber stories of the year: a compilation of pivotal moments and key developments that have significantly shaped the landscape of cybersecurity at the federal level.These stories highlight the challenges federal agencies faced in securing digital infrastructure in the past year and explore the evolving nature of cyber threats, as well as the innovative responses required to address them.New White House cybersecurity strategyThe White House’s…

ITG05 operations leverage Israel-Hamas conflict lures to deliver Headlace malware

12 min read - As of December 2023, IBM X-Force has uncovered multiple lure documents that predominately feature the ongoing Israel-Hamas war to facilitate the delivery of the ITG05 exclusive Headlace backdoor. The newly discovered campaign is directed against targets based in at least 13 nations worldwide and leverages authentic documents created by academic, finance and diplomatic centers. ITG05’s infrastructure ensures only targets from a single specific country can receive the malware, indicating the highly targeted nature of the campaign. X-Force tracks ITG05 as…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today