2 minute read
At a Glance: Government Cybersecurity Nationwide
7 Cybersecurity Terms to Know
The following terms are vital to understanding today’s public-sector cybersecurity landscape.
Advertisement
1. Advanced persistent threats (APTs): APTs are cyberthreats that allow bad actors to gain unauthorized access to computer networks and then avoid detection for long periods of time using stealth. While typically linked to nation-states, APTs can be any cybercriminals who conduct large-scale intrusions. APTs can cause serious economic, political and national security damage, making them one of today’s biggest cyberthreats.
2. Endpoints: Endpoints are the various devices — such as laptops and mobile phones — that can connect to IT networks. As the number of endpoints increases, cybersecurity becomes more difficult for agencies. Endpoint cybersecurity will only grow more important as remote work’s popularity explodes.
3. Malware: Malware refers to any malicious software that is created for purposely harming computers, networks and IT. Any software that unintentionally damages these technologies is usually called a bug, glitch or vulnerability.
Malware also comes in many forms, ranging from computer viruses to ransomware.
4. Phishing: Phishing involves attackers sending fake messages that trick victims into revealing sensitive information or installing malware on their computers. In recent years, cybercriminals have phished using everything from email to social media. Although common, phishing works because it victimizes people by using realistic deceptions.
5. Ransomware: Ransomware threatens to block access to or leak a victim’s sensitive data unless a ransom is paid. Increasingly prevalent, this malware can also upend agencies’ operations. Experts often caution against paying ransomware ransoms, as this money can fund additional cybercrime.
6. Social engineering: Social engineering occurs when cybercriminals psychologically manipulate people into performing actions such as revealing confidential information.
At agencies, social engineering can interrupt operations, damage public trust or cost money. Social engineering can come from any hostile source inside or outside an agency.
7. Zero trust: Zero trust is a cybersecurity model designed to automatically distrust every device, user or other entity on an
IT network. These entities can access agencies’ resources only after having their identities verified. Zero trust cybersecurity thus covers everything inside and outside a network’s perimeter; this philosophy also helps agencies continuously monitor their IT systems and assets.
Federal Cybersecurity Spending
Federal IT Spending
The Biden administration’s federal budget for fiscal 2022 contained many items suggesting cybersecurity may become a bigger national priority going forward.
IT spending relates to cybersecurity as it illustrates the scope of the networks that agencies might have to defend.
$9.8 billion
the projected amount of funding for securing federal civilian networks, protecting national infrastructure and supporting information-sharing efforts. The money would also fund related standards and best practices between the federal government, critical infrastructure partners and American businesses in fiscal 2022.
Source: The White House
$750 million
the projected amount of funding for agencies affected by recent significant cybersecurity incidents to address exigent gaps in their security capabilities in fiscal 2022.
Source: The White House
$97.1 billion
the projected amount of total federal IT spending in fiscal 2022, up from $92.9 billion in fiscal 2021.
Source: Federal IT Dashboard
$25.6 billion
the projected amount of the above total that will go toward major IT investments, vs $71.5 billion that will go toward minor IT investments.
Source: Federal IT Dashboard
