Steve Grewal, the Education Department's chief information security officer, joined Federal News Radio on March 6, 2014, for an online chat.
Grewal answered questions about his agency's new security operations center (SOC), the cyber workforce, and challenges with security at the agency. View an archived version of the chat.
Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Ask the CIO
With improved cybersecurity, Los Alamos moves to cloud, wireless
Wednesday - 11/2/2011, 5:10pm EDT
Tom Harper, Los Alamos's chief information officer, said the organization is running an internal virtualized cloud to create an infrastructure-on-demand platform for its applications.
"That is the infrastructure we are running all of our internalized virtual services on," Harper said. "And now we are looking to see how we can make it available since it was developed by the U.S. government and how we can use that to help DoE and National Nuclear Security Agency (NNSA) be successful in that provisioning later as they move their services to the cloud as well."
Along those same lines, Harper said Los Alamos is centralizing is email and collaboration tools, which should bring a efficiencies and cost savings.
And now Los Alamos is getting WiFi across its unclassified network.
"Because of our weapons heritage and all of the classified work that was done here, we have not been allowed to have wireless down here within our operating environment," he said. "Over the summer, the IT arm wired up over 50 new buildings. So we are rapidly moving into the wireless world and everything that brings with it."
All of this is possible because Los Alamos plugged the cyber holes in its network.
So much so that the SANS Institute awarded Los Alamos the 2011 U.S. National Cybersecurity Innovation Award for cloud computing security.
"We have changed our cyber posture drastically over the last several years," Harper said. "We started with the people. We recruited and built an outstanding team of cybersecurity professionals. We have both a very strong cyber-oriented research component. We have a world class instant response and management effort. We've invested very heavily in tools and training. We have changed the philosophy of our IT and now information security is really baked into everything we do. We've change the culture of this laboratory to understand the importance of cybersecurity."
The Government Accountability Office and the Energy inspector general found major shortcomings in 2009 with the lab's internal controls. Its problems actually dated back to 2002 and earlier.
He said Los Alamos continues to be a major cyber hacker target.
"I would say everybody sees hundreds of thousands of scans and malicious attempt, the ankle-biter stuff every day," Harper said. "The last several events we've had have been very well thought out, very well researched, spear phishing attacks targeted to individuals with zero-day exploits. The types of things that are very difficult to defend against. Our strategy is rapid detection, stop lateral movement and rapid containment and clean up."