Branko Bokan, an official under the Cybersecurity and Infrastructure Security Agency’s cybersecurity division, said the agency is deploying a new approach that uses an adversary viewpoint to address network security issues, Nextgov reported Tuesday.
Bokan noted during an event in Washington, D.C. that the Cybersecurity Architecture Review of the .gov domain, also known as “.govCAR”, was based on a Department of Defense approach and enables the Department of Homeland Security component to identify bad actors’ cyber capabilities by enacting threat-based activities.
“With this methodology, we can put ourselves in the shoes or in the position of an adversary to look at our cyber capabilities,” he said. “And the first thing we do is enumerate all the threats—all the actual threats that we see in the wild today.”
Bokan’s comments come ahead of CISA’s planned release of a white paper on cybersecurity best practices. According to the report, agencies must implement and integrate mobile threat defense, mobile application vetting and enterprise mobility management to improve their security posture.