Cybersecurity initiatives for government agencies — in fact, other organizations, too — have to be proactive and iterative.
According to the US Office of Management and Budget, federal agencies reported 30,899 cybersecurity incidents to the Department of Homeland Security last year. Threats are evolving across multiple vectors as the number of potential entry points expands exponentially with the proliferation of connected devices and the Internet of Things (IoT). IHS Markit predicts that the number of connected devices will increase from 15.4 billion in 2015 to 30.7 billion by 2020, and 75.4 billion by 2025.
Last fall, the Mirai botnet recruited connected devices such as webcams and DVRs to disrupt websites including Spotify, Twitter, and PayPal. Also last year, white hat security researchers demonstrated how to execute a ransomware attack on smart thermostats, and cyberattacks on the Ukraine electric grid have been carried out over the past two years.