The State Department uses continuous automated testing in software development


The State Department’s Office of Diplomatic Security is working to establish a continuous integration and delivery (CI/CD) pipeline in which security is built into the development process from start to finish. The department’s cybersecurity experts are divided into red and blue teams that collaborate to improve the agency’s security.

“On the blue team side, we’re doing a lot of work on creating an artifact called a blue dashboard, where some of the applications that our system owners would like to see have been evaluated and they’ve created metrics to be able to provide system owners with a scorecard, and then provide results based on vulnerabilities or misconfigurations they’ve seen based on prior institutional knowledge as well as things we see in the industry,” said Manny Medrano, director of cybersecurity oversight and operations at the State Department.

Red team testing, meanwhile, shares some similarities with penetration testing, but the two are distinct. Penetration testing is a security assessment that focuses primarily on identifying and understanding a system’s strengths and weaknesses. The State Department’s red team testing has a narrower, specific focus and takes longer, because the process moves through multiple steps.

The State Department works closely with the Office of Information Resources Management (IRM) on the future of coding and automation, conducting continuous penetration testing, continuous evaluation and discovery of vulnerabilities, and continuous corrective action.

“Everything we do has code, and that is extremely important. Even though we say low code, no code, there is still code. The key is configuration and how much of that configuration or coding is manual. This is the challenge facing industry and government agencies today. The more automated it is, and the more code that’s built according to consistent best practices and not changed by a human, the better,” Medrano said.

As artificial intelligence becomes an essential tool in cybersecurity, Medrano has concerns about it, but he plans to use it in his automated process solutions while keeping humans in the loop to confirm the results.

“We’re certainly learning along the way, and we’re also maturing to make sure we’re working with industry on penetration testing for AI models. We are also committed to including our SOC,” Medrano said. “AI is great; it can definitely become an enabler. For me, this will not replace people. It’s not. You still need that certificate. And even our (chief information officer) keeps saying that. Now, can it help us automate and simplify? Absolutely. I’m for that too. So in my current job, the office I lead is all about using AI as an enabler, but also building our capabilities to defend against bad AI models.”

As a diplomatic agency, the State Department places great weight on established relationships. Medrano said that while technology won’t solve every problem, developing relationships with developers and building trust will go a long way toward the mission.

“In particular, we have established relationships with many of our service providers. It’s a team sport. That means we all have to work together. We work with cloud providers as well as other providers and then conduct penetration testing with them. And it could be (infrastructure-as-a-service, platform-as-a-service, or software-as-a-service). Between the SOC, the red team, the blue team, and the software engineering team, they’re all mixed together. What we’ve learned is that they learn from each other, and that brings that variety to the different parts. I think that is extremely important, especially in today’s complex world,” he said.

Copyright © 2024 Federal News Network. All rights reserved.
