Security leaders respond to the White House's internet routing guide

Image via Unsplash

The White House Office of the National Cyber Director (ONCD) has released a guide to improve the security of the Border Gateway Protocol (BGP). BGP is essential to internet operation for more than 70,000 independent networks, as internet traffic is directed between networks via the BGP to determine the destinations reachable through those networks. The BGP is foundational to networks such as cloud providers, universities, internet service providers, energy companies, and federal, state, and local governments. By addressing this threat, the ONCD intends to confront an issue that has been a longtime threat to internet traffic security.

“Securing internet routing has been a long-term effort. It is a difficult one because it takes a lot of different players all taking action to be useful,” says Ari Schwartz, Coordinator of the Center for Cybersecurity Policy and Law. “The ONCD’s roadmap is showing us how to get secure routing done and starting up the collective action efforts needed to get us to the finish line.”

The guide released by the ONCD supports adopting a Resource Public Key Infrastructure (RPKI) as a method to manage vulnerabilities within the BGP, including suggested actions applicable to all types of networks. The provided recommendations are important to operators and owners of critical infrastructure, government entities (both state and local), and any entity dependent on internet access for purposes of high value.

Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, commented, “We are decades late in securing BGP. Now we have a few good ways to better secure BGP. The United States government supports one of the methods... not the best... but an incremental way forward, and all we need to do is get vendors and organizations to implement it. Getting CISA involved is one great way to accomplish this. I’m not usually very optimistic for any good cybersecurity standard to be well-implemented in a timely manner, but I have great hope for this one. If it is pulled off like we all want it to, in a year or two, BGP will finally be harder to compromise than it has been for decades.”

Schwartz remarks, “The roadmap released by the ONCD marks just the beginning of a comprehensive and collaborative effort to secure our internet’s core ecosystem. We must continue to work across sectors to upgrade the infrastructure and address the evolving challenges in internet security and protect the integrity of our global networks.”

Jordyn Alger is the managing editor for Security magazine. Alger writes for topics such as physical security and cyber security and publishes online news stories about leaders in the security industry. She is also responsible for multimedia content and social media posts. Alger graduated in 2021 with a BA in English – Specialization in Writing from the University of Michigan. Image courtesy of Alger

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.