Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Monday - Friday, 4-7 p.m.
In Depth with Francis Rose features daily interviews with top government executives and contractors. Listen live from 4 to 7 p.m. or download his archived interviews below.
Managing cybersecurity by breaking down silos
Wednesday - 10/27/2010, 6:09pm EDT
Federal News Radio
Cybersecurity is something that everybody at every agency is or should be thinking about, even people who aren't necessarily in IT. So what are some of the specific elements they're focusing on?
According to Pat Clawson, Chairman and CEO of Lumension, one of the most dramatic trends right now in cybersecurity is Advanced Persistent Threat (APT); an organized, consistent, structured set of attacks.
"The Advanced Persistent Threat is one that is very difficult to deal with, it doesn't go away, they are patient, they take their time. We can see it come, we know it's coming, and we don't really have the ability to stop it," Clawson. "So one of the things we see evolving from all this is a more direct requirement for whitelisting technologies, things that really only allow the known in."
Essentially, because the attacks are constant and evolving, and the technology itself is custom created, there is an increased necessity for security that acts as a moat. With whitelisting technologies, companies can cordon off the most sensitive elements of their network, and know that attackers can ATP all they want and not get in, Clawson said.
But cyber threats are not location or computer specific, and guarding against threats that attack on a larger infrastructure scale needs to be looked at more closely, Clawson said, and more information sharing needs to take place to guard against those threats more effectively. In many ways, various industries work in silos to handle their own protection, and Clawson believes the dealing with threats would be better served by sharing information, especially when the attacks could be from a single source.
So how do you bring bring down silos? And perhaps more importantly, who can bring down the silos? General Keith Alexander, the commander of U.S. Cyber Command? Or Howard Schmidt, Cybersecurity Coordinator for the Obama administration? Or someone else entirely?
If given the tools, Clawson believes that Schmidt could be in a position to effect change.
"If they give him a budget, if they give him the ability to create and follow through on policy so that people would actually adhere to it, that would be a much much more powerful position," Clawson said. "In lieu of that, one of the greatest things Howard can get done is education."
The average American needs to understand that there is a problem, and then further work on bridging the private sector/public sector information gap, Clawson said.
"Maybe it's an independent body that is created, somehow or another a think tank has got to be put on this and they have to figure out how to bridge that gap," Clawson.
A balance has to be struck to ensure that private companies are not violating laws by sharing data, that the data is shared equally, and that the nation is effectively securing itself.
"That's the million dollar question, figuring that piece out," Clawson said.