John Nemoto and Chris Lavergne of CGI wrote in a guest piece published Wednesday on GCN that federal agencies seeking to protect their networks from cyber threats and reduce the noise posed by high volume of network traffic should have a comprehensive cybersecurity framework in place.
Lavergne and Nemoto said there are five factors agencies should consider in developing that framework and one is keeping a security-focused approach to development.
“DevSecOps provides a security-focused approach throughout the development process when implementing new tools, resulting in a more secure end product,” they wrote. “DevSecOps helps to change the underlying business culture to one that embraces security and considers the downstream security impacts of decisions.”
Another element is adopting layered protection tools to help agencies strengthen their cyber defenses against threat actors. They also cited the potential benefits of using zero-trust authentication protocols to agencies.
The other three factors for developing a noise-canceling cyber framework are engaging in real-time threat monitoring, providing cyber education and training and choosing the right strategic partner.
“With up-to-date robust tools, detailed processes and policies and an involved cybersecurity workforce, agencies can reduce the noise and spot the hidden and more complex risks and threats,” they added.
Nemoto is a vice president at CGI Federal. Lavergne is CGI’s lead systems integrator manager for the Department of Homeland Security’s Continuous Diagnostics and Mitigation DEFEND Group C.
If you want to know more about the latest updates about the Cybersecurity Maturity Model Certification, then check out Potomac Officers Club’s CMMC Forum coming up on June 16. To register for this virtual forum and view other upcoming events, visit the POC Events page.