Industry executives interviewed at Black Hat USA cybersecurity conference in Las Vegas said government agencies need to have more visibility into their networks in order to protect their infrastructure from cyber threats, Fifth Domain reported Friday.
“One of the needs on a large scale is to really understand the elements of the stack that are needed in order to perform full-scale cyber defense,” Abdul Rahman, chief scientist at Fidelis Cybersecurity, told the publication. “Their sensors don’t give them good enough visibility … into where the problems are in their network,” he said. “You don’t know what you don’t know because you don’t know your terrain.”
Other industry experts called on agencies to implement vulnerability disclosure initiatives.
“Implementation of a vulnerability disclosure policy across the entire federal government literally as a starting point for the conversation around the fact that they are serving the public,” said Casey Ellis, founder and chief technology officer of Bugcrowd. “The public is connected to the internet and if they see something, they should be able to say something,” he added.
“They should mandate vulnerability disclosure programs for every federal agency, for every publicly listed company, and every company that holds consumer information,” Marten Mickos, CEO of HackerOne.