Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Agency cyber shortfalls not just a problem of funding
Thursday - 1/26/2012, 7:45pm EST
But Richard Stiennon, the chief research analyst at IT Harvest and author of the book "Surviving Cyberwar" told In Depth with Francis Rose that Congress' usual method of dealing with serious problems might not work with cybersecurity.
That's because many of the tricky cyber issues at agencies are not necessarily congressional issues at all, but executive issues, Stiennon said. "i've been calling for some sort of assigning of responsibility," he added, which would more explicitly denote to agency cyber officials their roles in protecting the network from incursions and stopping data from being stolen.
"Part of the problem is most organizations don't even have processes in place to identify when data's being exfiltrated from them," he explained. "But if they could — and if they were responsible for it — they would start doing things immediately, just changing what they do today without any additional expense. Maybe there's some training involved and getting people up to speed on the tools that they already have, but it doesn't require billions and billions of dollars to solve this problem."
Doubtful of cyber 'domain'
Among the major cybersecurity developments of 2011 was the launch of Cyber Command under Gen. Keith Alexander, the head of the National Security Agency. Also in a new DoD strategy, the Pentagon includes cyber as its own domain, along with air, sea, land, and space. Some experts are skeptical of that model, though. Stiennon is one of them.
He said setting cyber apart as its own domain risks creating an organizational challenge for the Defense Department.
"You're going to always have joint operations," Stiennon said. "But adding an additional domain with additional commanders and an additional infrastructure of management, I think it isn't going to be as effective as if we just recognize that cyber is actually one of the predominant ways that we accomplish warfighting and ... that that should just be part of the operations of a modern Defense Department."
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.