Originally posted by Shamun Mahmud on DLT Solutions' Technically Speaking
The Armed Forces Communications and Electronics Association's (AFCEA) DC chapter hosted the 4th Annual Cybersecurity Symposium on Friday February 22nd. Industry experts joined federal officials from cybersecurity agencies in interactive panels and keynote speeches. This was a joint update on the status of our nation's cybersecurity efforts.
The key takeaways I found relevant to the public sector cybersecurity community are:
- The head of Cybercommand, Maj. Gen. Brett Williams, said the key to effective cyber operations is a well-trained force and sufficient information, as opposed to technical superiority. In essence, cyber operations have to be planned and executed using the same processes the military uses for conventional warfare.
- The Pentagon's cybersecurity official, Eric Rosenbach is the Deputy to the Assistant Defense Secretary for Cyber Policy. He described the problem of cyber attacks from non-state actors as one of the greatest threats facing the U.S
- Jeff Eisensmith of DHS said a bigger budget would allow his agency to do a better job of policing the information technology supply chain. This is important as the IT supply chain is one of the areas vulnerable to cyber attacks. Cybersecurity is one area across government where spending is likely to continue rising despite tightening budgets
- Suzanne Spaulding, deputy under secretary of the National Protection and Programs Directorate at DHS, said that physical and cybersecurity are inexorably intertwined and cannot be separated in the critical infrastructure arena because cyber attacks can have such significant physical consequence.
- According to White House Senior Director for Cybersecurity Dr. Andy Ozment, the recently signed cybersecurity executive order facilitates information sharing between government and industry. But at its roots, it's designed for governmental knowledge exchange with industry.
Security collaboration amongst industry and government is gaining momentum. Rightfully so, as the threat landscape is emerging at a rapid pace. The bad guys are talking to each other, comparing notes; the security community must do the same. It will take a coordinated effort to rebuff cybercriminals. The effort must be organized like a military operation. We feel the Executive Order provides a means to foster communications between the legitimate security actors.
One of DLT Cloud Advisory Group's (CAG's) mandates is to remain focused on the emerging threat landscape within cloud computing. To remain in the forefront of newly forged standards and regulations, the CAG is a contributing member of NIST Cloud Computing Security Working Group (CCSWG).