Security leaders react to the White House’s internet routing guidelines

The White House Office of the National Cyber Director (ONCD) has published a roadmap to enhance the security of the Border Gateway Protocol (BGP). BGP is crucial for the operation of more than 70,000 independent networks, as internet traffic is routed between networks via BGP to determine reachable destinations. The BGP is fundamental for networks like cloud providers, universities, internet service providers, energy companies, and various government entities. By addressing this issue, the ONCD aims to combat a long-standing threat to internet traffic security.

According to Ari Schwartz, Coordinator of the Center for Cybersecurity Policy and Law, “Securing internet routing has been a challenging endeavor that requires coordinated efforts from multiple stakeholders. The ONCD’s roadmap provides a guide on how to achieve secure routing and kickstart the collective action needed for success.”

The guide released by the ONCD advocates for the adoption of Resource Public Key Infrastructure (RPKI) as a means to address vulnerabilities in BGP, offering recommended actions applicable to all network types. These recommendations are vital for operators of critical infrastructure, government entities, and organizations reliant on internet access for critical operations.

Roger Grimes, Data-Driven Defense Evangelist at KnowBe4, stated, “Securing BGP is long overdue, and now we have effective methods to enhance its security. The support from the U.S. government for one of these methods is a step forward, and the key now is implementation by vendors and organizations. Involving CISA is a positive move towards achieving this goal, and if executed successfully, BGP will become significantly more resilient to compromise.”

Schwartz added, “The release of the roadmap by the ONCD is just the initial phase of a comprehensive and collaborative initiative to secure the core ecosystem of our internet. We must continue to collaborate across sectors to upgrade infrastructure and address evolving internet security challenges to safeguard the integrity of global networks.”