Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Agency cyber shortfalls not just a problem of funding
Thursday - 1/26/2012, 7:45pm EST
But Richard Stiennon, the chief research analyst at IT Harvest and author of the book "Surviving Cyberwar" told In Depth with Francis Rose that Congress' usual method of dealing with serious problems might not work with cybersecurity.
That's because many of the tricky cyber issues at agencies are not necessarily congressional issues at all, but executive issues, Stiennon said. "i've been calling for some sort of assigning of responsibility," he added, which would more explicitly denote to agency cyber officials their roles in protecting the network from incursions and stopping data from being stolen.
"Part of the problem is most organizations don't even have processes in place to identify when data's being exfiltrated from them," he explained. "But if they could — and if they were responsible for it — they would start doing things immediately, just changing what they do today without any additional expense. Maybe there's some training involved and getting people up to speed on the tools that they already have, but it doesn't require billions and billions of dollars to solve this problem."
Doubtful of cyber 'domain'
Among the major cybersecurity developments of 2011 was the launch of Cyber Command under Gen. Keith Alexander, the head of the National Security Agency. Also in a new DoD strategy, the Pentagon includes cyber as its own domain, along with air, sea, land, and space. Some experts are skeptical of that model, though. Stiennon is one of them.
He said setting cyber apart as its own domain risks creating an organizational challenge for the Defense Department.
"You're going to always have joint operations," Stiennon said. "But adding an additional domain with additional commanders and an additional infrastructure of management, I think it isn't going to be as effective as if we just recognize that cyber is actually one of the predominant ways that we accomplish warfighting and ... that that should just be part of the operations of a modern Defense Department."
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.