The message from this year’s Billington Cybersecurity Summit was clear: we’ve reached a crossroads in both national and global cyber defense.
Leaders across agencies, states, and the private sector echoed a call to action – collaboration and a proactive approach to detecting and limiting exposure to threats are no longer optional; they are essential to protect the nation’s most critical assets.
The urgency of this moment was underscored by a Joint Advisory issued just two weeks prior by the FBI and its partners. The advisory warned of active malicious campaigns by state-sponsored Advanced Persistent Threat (APT) actors, urging high-risk sectors like the military and telecom industry to look for indicators of compromise and implement mitigations immediately.
This heightened threat landscape set the tone for the Summit. Adversaries are evolving at an unprecedented pace, and a reactive approach simply won’t cut it anymore.
Manning the Titania stand, I witnessed this urgency firsthand. Every conversation revolved around modernization, network readiness, collaboration, and staying ahead of new risks.
In this blog, we share five key takeaways from the Summit that highlight the path forward in this pivotal moment for cybersecurity.
1. APTs are shifting tactics - so should defenders
Speakers from the FBI highlighted how nation-state actors are forcing defenders to rethink traditional threat hunting strategies.
Attackers are no longer smash-and-grab opportunists. APT groups, such as Volt Typhoon and Salt Typhoon, are quieter and stealthier, often hiding in plain sight by using legitimate tools already present on a system rather than deploying noisy malware. This approach makes them far harder to detect.
What stood out most was the shift in intent. CISA’s Associate Director for Threat Hunting highlighted a clear evolution from espionage to “computer network attack, prepositioning or disruption in terms of capabilities.”
Threat groups are now embedding themselves in order to disrupt, degrade or destabilize networks over time.
This change in strategy has shifted the conversation to ‘assume breach’. This mindset change requires organizations to proactively identify threats hidden within the network, rather than waiting for an alarm to sound, emphasizing the need for deep network visibility and continuous monitoring.
2. Foundational network security is critical for resilience
Volt and Salt Typhoon have shown that legacy network vulnerability management programs fail to deliver foundational security, providing attackers with a blueprint by exploiting under-monitored network infrastructure.
Consider Salt Typhoon’s assaults. Attackers gained entry through routers, devices often overlooked and unmonitored, using them for every stage of attack: access, persistence, movement, collection, and exfiltration.
Hardening network devices, enhancing network visibility, and prioritizing network risks by criticality were key topics of conversation at the Titania stand.
3. Federal IT systems need rapid modernization
Legacy systems were a recurring theme throughout the summit, and for good reason. In his Tuesday morning keynote, National Cyber Director Sean Cairncross issued a clear call for the rapid modernization of federal cyber defenses.
The use of legacy devices remains widespread across federal infrastructure due to mission requirements and budget constraints. But the reality is that aging IT devices carry inherent risks: they are harder to patch and secure and are often riddled with vulnerabilities that attackers are ready and waiting to exploit. They also slow down progress towards zero trust adoption.
True modernization requires more than technological upgrades – it demands process change. Agencies must have the visibility and insights needed to pinpoint misconfigurations, prioritize high-risk vulnerabilities, and verify compliance, even in environments where legacy systems can’t simply be retired.
While work to replace them continues, urgent action is needed to segment and isolate these systems and enforce granular security controls, limiting the risk of lateral movement to the most critical parts of the network.
4. Zero Trust execution and managing IT and OT device risk
Throughout the week, the discussion made clear that focus is shifting from strategy to execution for Zero Trust. While significant progress is underway, challenges remain, particularly with legacy systems and workforce skill shortages, highlighting the need for both technical solutions and organizational alignment.
Randy Resnick, Director of the Zero Trust Portfolio Management Office, confirmed that the upcoming Zero Trust strategy update will expand its scope to include operational technology (OT).
This guidance will be most relevant to newer systems. For legacy OT systems, the IT underpinning their networks will continue to require targeted upgrading to reduce risk.
Our conversations with delegates and customers highlighted the operational impact of OT network vulnerabilities.
We discussed how Nipper solutions help agencies gain complete visibility into network devices that support OT environments, ensuring proper configuration and alignment with Zero Trust principles for access and segmentation. This approach limits the blast radius if an incident occurs, helping teams respond faster and limit disruption to critical operations.
5. Global alignment and information sharing across borders
Salt Typhoon has infiltrated networks in at least 80 countries, a stark reminder that our cyber adversaries don’t respect borders.
Speakers highlighted that the whole-of-nation approach must extend beyond national borders, and securing national cyber infrastructure requires robust partnerships with international allies, such as the Five Eyes nations.
Aligning threat intelligence sharing, incident reporting, and critical infrastructure protection standards will be key to closing gaps and accelerating response times.
Building a unified defense
The Billington Cybersecurity Summit painted a stark picture of the current threat landscape but also offered a clear path forward.
Leaders across government and industry stressed that cybersecurity cannot be a solo effort. To protect critical infrastructure and national assets, a unified cyber defense with tighter coordination across agencies, states and the private sector is essential.
This includes the development of joint strategies, standardized protocols, and active threat intelligence sharing to close gaps and prevent vulnerabilities.
Cyber resilience requires modernizing infrastructure, putting Zero Trust models firmly into action and building stronger partnerships across sectors and borders. Working together, we can stay ahead of threats and protect the critical systems that power our communities, governments, and economies.
At Titania, we are dedicated to protecting critical infrastructure, helping elite cyber teams proactively ensure that their networks are constantly mission-ready and resilient.
The conversations and connections made at the Billington Summit reinforce one central idea: in the face of global, aggressive and persistent adversaries, we must present a unified and proactive defense.
For more information about Titania's proactive network security solutions, please visit our Federal page.
Author
James Fanning brings more than five years of experience in global sales across multiple markets to his role as an Account Executive at Titania.