CyberChat – Federal News Network (https://federalnewsnetwork.com) – Helping feds meet their mission. Feed last updated Wed, 10 Feb 2021 20:08:52 +0000

The Art of Selling Cybersecurity
https://federalnewsnetwork.com/cyber-chat/2021/02/the-art-of-selling-cybersecurity/
Sat, 06 Feb 2021 14:32:51 +0000

Today’s cybersecurity marketplace is congested: the government customer has more suppliers knocking than it has opportunities for vendors. Former HUD CIO Gloria Parker and former HUD Deputy CIO Kevin Cooke sit down with Cyber Chat host Sean Kelley to discuss how vendors can position their offerings and their companies.
Parker, a political appointee in both the Clinton and Bush administrations, wrote a book titled “Billion Dollar Secret”; its goal is to help companies and individuals win business. When asked what inspired the book, Parker said, “Having sat on the CIO side of the fence for 10 years, I watched people come in, meet with me and really waste a lot of time. They wasted so much of my time, and the things they need to understand are very simple things. If they just put a little work into preparing for the meeting, it would be more beneficial to them as well as, importantly, to the customer.” She went on to say, “One part of [understanding] was teaching people how to sell it. As you can imagine, it was a very interesting transition to the government side, to sitting in a CIO seat, then [having] people come sell to me and watching all of the mistakes that they were making. So that inspired me to write the book, [Billion Dollar Secret]. I just felt like I’ve learned all these things and I should share this with others to help them to be a lot more successful.”
Cooke, a respected senior information technology executive, said, “So there are several steps [to selling it]. The first one is to do your homework: understand what the customer’s pain points are, what their needs are, and don’t waste the customer’s time. [Stop] coming in and asking them to do that homework for you. Once you understand the customer’s pain point, [find] what’s really bothering them, and then you really start to discuss those needs with them.”
Listeners who want to improve their business development skills and separate themselves from the competition should be sure to listen to this edition of Cyber Chat. The conversation with Kevin and Gloria can be heard on podcastone.com or on federalnewsnetwork.com.

Data Security Today and Tomorrow Part 2
https://federalnewsnetwork.com/cyber-chat/2020/10/data-security-today-and-tomorrow-part-2/
Sat, 31 Oct 2020 13:26:53 +0000

The successful careers of former White House Fellow Jermon Bafaty and NASA Chief Data Officer Ron Thompson have helped shape the industry for decades between the two of them. Bafaty and Thompson have a unique perspective on how to use, share and secure data in the federal government. One of the biggest motivations for both leaders is being routinely cited for how to support the American citizen and other agencies. Cyber Chat host Sean Kelley sits back down with Bafaty and Thompson to discuss the state of data, data usage and data security in the second show of this two-part series.

Bafaty recently completed his term with the President’s Commission on White House Fellowships, during which he served as a senior advisor within the Department of Energy. He is now the founder and CEO of Platinum Technologies, which offers digital and professional services to federal, state and local customers; at Platinum, Bafaty shares his thoughts on what data is today.

Bafaty shared his thoughts on reducing data loss and data protections. “The opportunity in data is understanding how to implement it,” he said. He continued, “How do you reconstitute information on data related to a cyber threat or a system failure? When you think about data loss and then add on how to actually protect the data in multi-tenant environments, you go back to thinking about what the organizational priorities are and then begin implementing a system that addresses those items. Attack the most fragile aspects of your infrastructure first; be sure you are able to reconstitute the data right in front before making sure that you can also protect the security of the data.”

Technology in this day and age plays a role in data loss protection. Data loss is a very key term when talking to companies like Forcepoint regarding data loss prevention software. Thompson said, “We are actually seeing the industry improve in data resiliency, the ability for loss prevention, the tools and the capabilities to improve in these areas. I think we have a long way to go, and we don’t want to under-build a solution or overbuild a solution, to ensure we are striking a balance and finding resiliency.” Bafaty added, “I agree with Ron when he said ‘there are many good tools out there.’ The next challenge may be for industries to make sure that they have the right technical resources to help our federal, state and local customers achieve their missions. Data and data security is important, but NASA has a very special and important mission to enable functions that allow the mission to succeed. At Platinum, we’re making the investment on the technical resource by ensuring that organizations have the right program plan in place that keeps the controls, future-proof, and consistency across the board that allows the data to be liberated, but in a secured fashion.”

Asked what is next at NASA, Thompson said, “We are making digital transformation, and transformation in general, a top priority for the agency. I will be co-leading the business innovation office, and that office will be looking across NASA for areas of opportunities to increase our awareness regarding data, data security and additional areas for transformation. It is an exciting time for one of the key initiatives we’re working on.”

Bafaty said, “I want to be an enabler for our nation; the reason why I decided to go out and launch this organization is because I truly believe in the impact our federal government can have on our nation’s citizens. I want my organization to be an enabler through technology, through this transformation, with the people, and to provide the necessary underlying technologies that are needed for our citizens. That is the core ethos of who we are as a company, and we want to transform ideas into game-changing solutions. We just look forward to doing that as a provider of services and hopefully can be considered as a partner to the federal, state and local government.”

Data security today and tomorrow Pt. 1
https://federalnewsnetwork.com/cyber-chat/2020/10/data-security-today-and-tomorrow-pt-1/
Mon, 19 Oct 2020 15:52:33 +0000
The successful careers of former White House Fellow Jermon Bafaty and NASA Chief Data Officer Ron Thompson have helped shape the industry for decades between the two of them. Bafaty and Thompson have a unique perspective on how to use, share, and secure data in the federal government. One of the biggest motivations for both leaders is being routinely cited for how to support the American citizen and other agencies.

Bafaty left the President’s Commission on White House Fellowships to serve as a senior advisor within the Department of Energy, where he stood up a public-private partnership with industry, academia and non-profits. That partnership applied AI and related technologies to help first responders minimize the impact of, and improve the response to, wildfires and other natural disasters. Bafaty is now the CEO of Platinum Technologies, a digital and professional services firm focused on serving federal, state and local customers.

“There was a time when we could say that storage was cheap because disk was cheap, but with the explosion of data, storage isn’t cheap anymore,” Bafaty said. “So just being able to classify the data appropriately and being able to decide what level of security or protection that could be applied is a challenge within itself. Now that there are so many cloud first strategies within the federal government, migrating that data into these multi-tenant environments and ensuring that you’ve got the right level of security and protection based on government compliance — and sometimes international compliance — are also challenges. In government, we were looking at implementing data governance strategies that reflect more about a threat assessment, the classification of the data and creating, in a sense, its own enterprise architecture approach to ensure that we’re giving it the due consideration that it needed.”

Thompson is very familiar with the challenges of using and protecting data.

“What I’ve seen, my experience is a lot of data is ‘purpose built;’ it never really was designed to be sharable. It never really was designed to be taggable and made searchable,” he said. “That’s the beauty within NASA is taking data sets that are purpose built and making it accessible. We deal with about 12 terabytes day to day that we collect to study the Earth, and that’s projected in the next two or three years to increase to about 24 terabytes a day with observation data, and that’s just the Earth. … We’re not sure what purpose it’s going to be used [for] outside of us collecting and making it available. … We are taking what’s called the ‘FAIR principles,’ and that is making sure our data is findable, accessible, interoperable and reusable. These principles are the foundation of how we’re going back and collecting our data in the future and going back in time and making sure we can access datasets. We have a really interesting story on our COVID pandemic that we’ve used, and we are collaborating across federal agencies to link into authoritative data sources to make decisions on when to reopen our offices. When is it safe for our people to come back in a physical workplace? Or some of these roles may never actually go back into the workplace. But we want to make sure our leaders in the agency have these data, these authoritative data sources that are accurate, that are based on methods of understanding that everyone is using, and make sure it is available for them to make their decisions.”

In every position Thompson has taken on, he has sharpened his understanding of the need for good data and continues to put a great deal of focus on the customer. Thompson’s early experience in the Army and his time as a government executive have prepared him to find the sources of truth, find where the data sources are, articulate standards that everyone can understand, and gravitate to these very important sources.

“We’re making great progress across the Chief Data Officers Council, across the federal workplace, and working very closely together,” Thompson said. “We have multiple agencies in the same geographic area, and some share the same building space themselves. So a lot of these data are collected for a specific purpose and an agency view. So we are really looking at how we can share that knowledge across multiple agencies.”

Bafaty said the concept of cybersecurity is evolving to include protecting data in movement.

“The fact that data may have been incredibly accessible at a particular point, and when you’re migrating that data into another infrastructure, whether it be cloud or for other use, there is an information assurance component that needs to be injected into that process. And then any relative cyber controls based on what the intended new use is for that repurposed data,” Bafaty said. “A lot of [securing data] to me is around the models and the architectures that are going to be associated with what is the new reason this data is going to be used for and addressing that up front. There are many tools that are out there these days, and a lot of them are very good. But it’s really around the process and ensuring you’ve got the corporate or organizational buy in for what it’s going to take to segment and protect data at various times. The last component is making sure that you’re not just too heavy-handed with the protection. Because the more monolithic you get, the more expensive that gets. From a taxpayer perspective, if we can avoid that, that’s always a good thing. From an industry perspective, you are trying to give your clients the best use for their dollar. So again, I default back to the actual design of the systems that are going to be needed to be put in place that make access to this data future-proof, and also agile in terms of what the customer or citizen’s needs are going to be.”

Part two will include more thoughts from Thompson and Bafaty on data security today and tomorrow.

DHS’s Soraya Correa is making acquisition innovative
https://federalnewsnetwork.com/cyber-chat/2020/04/dhss-soraya-correa-is-making-acquisition-innovative/
Fri, 24 Apr 2020 19:00:16 +0000

Soraya Correa has been a leader in the federal government for over 30 years. Since January 2015, Correa has used her experience and expertise to radically improve how the Department of Homeland Security purchases services and products – enabling DHS’s ability to adapt to the needs and challenges the agency faces daily.

On this edition of CyberChat, host Sean Kelley discussed with Correa her role as DHS’s chief procurement officer and how she is changing the opinion of contracting officers and what that all means for cybersecurity.

“As soon as you finish one year, you’re already well into the next year starting your acquisition planning,” Correa said. “There really shouldn’t be a lull because as we’re wrapping up one year, we should be thinking about what’s coming down the pike. In an agency like the Department of Homeland Security … our mission is constantly evolving and the threats are constantly changing. It becomes even more important to be completely engaged with our customers, our program offices, to ensure that we’re properly planning for what’s coming down the pike for every contingency that could be out there.”

Correa said the formation of the Cybersecurity and Infrastructure Security Agency (CISA) hasn’t changed much from a contracting standpoint. “We’re certainly revisiting some of the existing contracts. We’ve already been to a couple of strategy sessions with some of the leadership at CISA to talk about how we fulfill their needs,” Correa said. “[We’re learning] how we engage with them to come up with new approaches on how we do our contracting for them so that we can get their contracts in place a little bit more quickly, a little bit more efficiently, and ensure that they’re getting the right resources.”

DHS’s constantly evolving cybersecurity mission means acquisitions also need to keep up. Correa said it does that “through the use of our procurement innovation lab, our office of selective acquisitions that does our classified procurements, as well as our office of procurement operations that does the unclassified.” Correa said, “We’re trying to come together with them and say, how do we get this done for you a little bit more quickly, a little bit more efficiently and take advantage of the technologies and the tools that are out there to get it to them as quickly as possible.”

And the way that happens is by continually encouraging “meaningful communications between our procurement teams and the program offices, as well as our procurement teams with industry and the program offices.” Correa said DHS also incorporates those aspects into its training. “When new legislation comes out that impacts cybersecurity or when we get bulletins or information about what’s going on in the cyber world, we try to get that out to our workforce,” Correa said. “We try to make sure that we regularly are keeping them informed of what’s going on, why it’s important, and I think DHS as a whole is doing a much better job.”

The road to cybersecurity maturity is paved with the basics
https://federalnewsnetwork.com/federal-insights/2020/03/the-road-to-cybersecurity-maturity-is-paved-with-the-basics/
Mon, 30 Mar 2020 15:30:56 +0000
With a career that stretches back to the 1980s, Ron Nielson, executive director for public sector at LookingGlass, has seen the IT industry grow and mature over the decades – from his start in the intelligence sector to his work in the private sector for an internet service provider.

On this edition of CyberChat, host Sean Kelley discusses with Nielson what it takes to develop a mature cybersecurity posture.

Nielson said employees need to know the mission of the company, the company’s key terrain, what they are defending and what is the pot of gold at the end of the rainbow.

Nielson said companies should “get more broadly focused on what is the objective [to protect] … what is the corporate sweet spot?” Whether it’s a server, a database or the organization’s people, Nielson said understanding what the adversary has in their toolbox, how an adversary would attack and what those attacks look like are key questions to answer first.

“Most cybersecurity companies, even ones we consider mature, don’t seem to align their defensive practice to the high-value assets or the terrain,” Nielson said.

Adopting a threat assessment or a cyber assessment kind of mentality is one of the best ways to mature a cyber posture. Nielson said “it can be done organically by the organization or through a third party as a service activity.”

The revolving door of chief information security officers, Nielson cautioned, is a hindrance to the maturity of the cybersecurity sector. “It’s hard to really mature that position or that organizational function when we don’t apply some level of stability to it.”

The cyber workforce also has an important role in cybersecurity maturity. “You have to understand your workforce and their capacity,” Nielson said. He added that there is always going to be a shortage of cybersecurity professionals. So, as organizations look at their environments, they must understand how tools can be incorporated to offset skills or personnel gaps.

“The tools sometimes can be wonderful. But if you’re not going to trust what the tool tells you [or] use its knowledge to help defend your network, you’re kind of defeating the purpose of automation and machine learning,” Nielson said. “Mature organizations pick the tools that complement their workforce.”

Nielson recommended finding service providers that offer advanced techniques that the company and its workforce may not be comfortable with yet.

Information sharing is the last big piece of creating a mature cyber posture.

“I don’t think cybersecurity professionals are basically trusted,” Nielson said. “When an organization has been compromised, they’ve been trained not to expose it […] because if you show that you were compromised, you’ve demonstrated that you, in a sense, have failed.”

Nielson challenged the community “to start thinking of it differently.” He said cybersecurity professionals should be applauded because they found the intrusion, not denigrated or scrutinized. “When people find an adversary, we should all salute them. Maybe come up with an award in D.C. for them.”

Classic and new ways of improving cybersecurity
https://federalnewsnetwork.com/cyber-chat/2020/03/classic-and-new-ways-of-improving-cybersecurity/
Tue, 17 Mar 2020 16:50:18 +0000

Venice Goodwine’s cybersecurity career has spanned over 33 years, starting in the Defense Department as an active duty member and then as a civilian. While Goodwine aspired to be a chief information officer early in her career, she developed skills more suited to a chief information security officer.

On this edition of Cyber Chat, host Sean Kelley sits down with Goodwine to discuss her role as Department of Agriculture’s CISO.

“USDA is really interesting to me because the mission is similar to what I’m used to in working for the Air Force … that broad mission with the different mission areas really allows for a lot of flexibility and creativity when it comes to cybersecurity,” Goodwine said.

Goodwine said USDA’s risk management framework is designed to understand all of the risks across the agency, rather than only the risks to the financial system, research systems, food safety or food security. The risk management framework, Goodwine said, allows her to identify the risks and then determine what her risk response is going to be.

An early desire to be a CIO helped Goodwine sharpen her business executive skills. She said she puts a great deal of focus on the business users at USDA and keeps the business purpose in mind. “I understand the needs and objectives and then I try to use cybersecurity as an enabler.”

Goodwine also believes partnering with industry is key to her success. “When I talk to industry, I say I purchase capabilities, not tools. There are a lot of tools, but what I’m looking for is a capability.” Goodwine went on to say, “Industry should lean towards understanding what those capability requirements are for USDA, and they’ll differ depending on the civilian agency that you work with.”

Goodwine said she wants industry to understand there isn’t a one-size-fits-all approach and that companies need to take time to understand those differences. “Every relationship starts with trust. There needs to be a mutual trust amongst us. I will ask [them] questions and the intent is that [they] would be honest with me and when they ask me questions, I will be honest back with them.”

How you change cybersecurity to look and act differently
https://federalnewsnetwork.com/cyber-chat/2020/02/2717870/
Mon, 17 Feb 2020 17:52:05 +0000

Jothi Dugar wants to change cybersecurity. But not by creating a new technology, framework or methodology. The chief information security officer at the National Institutes of Health’s Center for Information Technology wants to change the look of those who work in cybersecurity.

On this edition of CyberChat, Host Sean Kelley discusses Dugar’s plans to remake the cyber workforce.

“Diversity is often thought of as simply a race- or gender-type of issue. In my perspective, it’s much broader than that. So when I look at diversity, I look at a variety of different factors such as thinking style, ethnicity, age, religion, education, experience, perspective and skills. I look at it as a variety of different things and that’s really what makes up a really good workforce in any setting, but especially in cyber,” Dugar said.

Dugar said the cyber profession needs many different types of skillsets. “I value communication skills, organizational skills, project management skills … diversity of talent, personalities, empathetic skills and even creativity.”

Creativity is top on her list of traits, especially when trying to understand people outside of your area of expertise. “You really need to think outside of the box sometimes and be able to speak the language of the person who you are trying to help.”

And creative thinking, Dugar continued, needs to evolve into creative actions. “We need to speak the language of a CIO and even different stakeholders. At the NIH, we can’t go to a clinical director or a scientist or researcher and speak the same language that we speak to a system administrator,” Dugar said. “Some people can relate more to visual. Some people relate more to just hearing things and some people want something in writing.”

Dugar said the cyber industry creates cultures that foster burnout and that costs organizations 10 times more than absenteeism. “So if you just don’t show up to work, you’re actually costing the organization less than showing up to work and being burnt out.”

Workforce wellness is a critical aspect to increase performance, according to Dugar. “Enhancing workforce wellness programs, enhancing the diversity in the workplace, employee engagement, adequate training and most importantly placing our people first and taking care of them will go a long way.”

HP Federal’s view on cyber starts at the endpoint
https://federalnewsnetwork.com/cyber-chat/2020/01/hp-federals-view-on-cyber-starts-at-the-endpoint/
Tue, 21 Jan 2020 21:56:46 +0000

On this edition of CyberChat, host Sean Kelley sat down with Todd Gustafson, president of HP Federal, and Tommy Gardner, CTO of HP Federal, to discuss the evolution and future of cybersecurity.

“There’s a continuous investment and a continuous improvement that has to go on [with endpoint devices]. The reason is the threats are getting smarter, too,” Gardner said.

Gustafson said the transition away from perimeter defense to defense of the data is a critical shift in combatting different threat vectors.

“We like to think about endpoint security as protecting any endpoint device, so it could be your printer or your manufacturing device that’s connected to your network. We like to think about three different levels of security: below the operating system – think BIOS (Basic Input Output System); at the operating system; and then above the operating system,” Gustafson said.

Gustafson said the BIOS level became the next frontier for bad actors. “Stuxnet, at its core level, was a BIOS level intrusion. Even today, there are still no tools available for people to adequately monitor that.” Gustafson said HP’s focus is to build secure devices that can’t be infiltrated.

To do this, Gardner said industry has to work together with government and academia to set cyber standards. “NIST has the authority to make [new standards] for resilience, supply chain risk, and overall risk management mandatory for the federal government … and that’s leading the design efforts for future machines,” Gardner said.

Gustafson said the federal government is also a leader in leveraging blockchain technology in supply chain security for endpoint devices, “from the design of the product, the manufacturing of the product, transportation, installation, and eventually recycling of those devices.”

In order to stay ahead of cyber threats, Gardner said the key is involving academia. “Relationships with strong academic institutions that are focused on the cyber area. Carnegie Mellon is very engaged with industry and what DoD is doing with CMMC (Cybersecurity Maturity Model Certification) that will be rolled out in the next year,” Gardner said.

Why is a cyber supply chain important?
https://federalnewsnetwork.com/cyber-chat/2019/11/why-is-a-cyber-supply-chain-important/
Tue, 19 Nov 2019 19:23:28 +0000

Amid the current threat landscape, agencies like the General Services Administration, the Defense Department, the Department of Homeland Security and the intelligence community have begun working together to bring more efficient and secure methodologies to the procurement process, while paying attention to risk management across the cybersecurity supply chain.

On this edition of CyberChat, host Sean Kelley sat down with GSA’s William Zielinski, assistant commissioner for the Information Technology Category, and Lawrence Hale, director of IT Security in the Information Technology Category, to discuss the acquisition process and vehicles for the cybersecurity supply chain.

“[GSA’s IT category] builds and maintains a series of very large pre-competed governmentwide acquisition contracts,” Zielinski said.

Generally, agencies who use GSA vehicles for procurement will get better pricing and be able to move through the acquisition process faster, because the groundwork has already been laid, freeing up government procurement professionals to focus their efforts on mission critical acquisitions.

Zielinski explained how this new procurement process affects the cybersecurity supply chain. He said stakeholders from IT security, acquisitions and risk management team together to assess what they are buying and from whom. “We’re actually making a purchase of a technical capability, we have assessed those things and they are actually part of how we go about buying our technical capability.”

There is also increased pressure from Capitol Hill requiring agencies to take a closer look at the risks associated with the cybersecurity supply chain – in legislation like Section 889 of the National Defense Authorization Act and the SECURE Technology Act.

GSA’s Hale explained another benefit of a cybersecurity supply chain. “There are a number of examples of GSA activity that reduce duplicative efforts by offering security screening that’s built into the solutions.” Hale pointed to FedRAMP and CDM programs where one authorization is used by multiple agencies.

Hale said using the GSA schedule helps avoid the added cost of competing on one-off contracts for industry. “We find that industry tends to be one of our best proponents … when they learned that agencies are thinking about doing a solicitation on cybersecurity, they’ll say, you should do that on GSA. And here’s why,” Hale said.

Reshaping how cybersecurity is delivered
https://federalnewsnetwork.com/cyber-chat/2019/10/reshaping-how-cybersecurity-is-delivered/
Thu, 10 Oct 2019 20:19:15 +0000

Chad Sheridan has always been a voice for the customer. Over the past few years, he has morphed into an evangelist on how the government should deliver services to citizens and government customers.

On this edition of CyberChat, host Sean Kelley sits down with Sheridan to discuss his new role as chief of Service Delivery and Operations at the USDA Farm Production and Conservation Business Center and what that means for cybersecurity.

“This whole thing stemmed about as the consolidation at USDA,” Sheridan said. “We took the organization and brought it together to serve the business center, which has consolidated all the back-office functions like finance, HR, budget, etc. We are part of that business center serving all three agencies and the people of the business center.”

Sheridan said part of his job is to operationalize USDA cybersecurity and support the Chief Information Security Officer, even though cybersecurity is managed by a different part of the organization. The CISO depends on Sheridan and his staff to ensure patches and updates are applied and that systems are built securely before being deployed into the environment.

Sheridan said [the government] needs cybersecurity professionals that look outward and want to understand the business of those they support.

“CISOs need a broader base of knowledge and understanding of what the pain points are for running an organization … It’s no different than the journey we’ve made as (IT) operations professionals,” Sheridan said.

As for the future of cybersecurity? Sheridan said IT consumerization will drive it.

“The reality of the way the world has really hit the government and what I mean by that is the expectations of rapid delivery, rapid innovation and agility are hitting us with force.”

VA adopts DevOps, agile methodology to improve cybersecurity https://federalnewsnetwork.com/cyber-chat/2019/09/va-adopts-devops-agile-methodology-to-improve-cybersecurity/ https://federalnewsnetwork.com/cyber-chat/2019/09/va-adopts-devops-agile-methodology-to-improve-cybersecurity/#respond Fri, 13 Sep 2019 18:16:21 +0000 https://federalnewsnetwork.com/?p=2429186

The Department of Veterans Affairs has been going through a transformation for years, and a huge part of that centers on technology modernization and the agency’s adoption of DevOps and Agile methodologies.

On this week’s episode of CyberChat, Sean Kelley spoke with VA Office of Information and Technology executives Bill James, deputy assistant secretary of DevOps, and Drew Myklegard, the executive director PSF. The discussion focused on how the department’s modernization effort can lead to better cybersecurity practices.

The guests also touched on:

  • differences between DevOps and Agile methodologies and what that means for the VA;
  • a culture shift that takes place from training the workforce and contractors on these new processes; and
  • developing software faster, better and cheaper for veterans.

Myklegard said it’s important to begin with safe and secure products that already have the proper controls in place. James chimed in saying that having security personnel present during interactions with the customer is vital as the VA steps away from a “waterfall” approach when it comes to modernization.

“We bake in security from the beginning in this DevSecOps approach, as opposed to bolted on at the end. We’re developing products at the beginning incrementally, [instead of] the add-the-waterfall methodology where you’re looking for something at the end,” James said. “So we’re engaging the customer at the beginning as opposed to pushing all the testing down to the end. So it’s a different way of thinking.”

Contextual intelligence in the cyber battlefield https://federalnewsnetwork.com/federal-insights/2019/09/contextual-intelligence-in-the-cyber-battlefield/ Fri, 06 Sep 2019 15:58:03 +0000 https://federalnewsnetwork.com/?p=2423933

Cybersecurity executives have an enormous responsibility. We have moved from the conventional data center model to a cloud environment with data spread across the world.

It used to be enough to protect an organization with some basic tools like local antivirus and a perimeter firewall. Today, that has exploded into an arrangement of solutions like intrusion detection systems, intrusion prevention systems, network and host firewalls, security incident and event management tools, spam filtering and encryption, among many other solutions that need to be installed, integrated and managed.

The adoption of cloud technologies has also added a new level of complexity to the challenges faced by cybersecurity executives. Cloud and mobile technologies have them developing new ways to tackle these issues. Organizations need cybersecurity that provides complete visibility, intelligence, and the ability to scale to create a comprehensive view of the threat landscape. In this episode of CyberChat, we discussed how an organization matures, uses threat intelligence, creates a comprehensive view of its cybersecurity posture and employs contextual intelligence in the cyber battlefield.

Our guests were Shane Barney, chief information security officer for U.S. Citizenship and Immigration Services; Matt Smith, senior adviser to the CISO at the Department of Homeland Security; Greg Wilshusen, director of Information Technology and Cybersecurity at the Government Accountability Office; and Allan Thomson, chief technology officer at LookingGlass.

When asked if it is harder to secure data today, all agreed. All admitted that the threat landscape is changing, so a defense can’t really be aimed at one threat or vulnerability, but needs to create a comprehensive view. Smith added that though the threat landscape is changing and becoming more advanced, “the [defense] capabilities are also advanc[ing] in defending the data.” Barney added that “[USCIS was] a heavily paper-based agency for a long, long, long time. Now we’ve made this huge leap into the electronic world and we’re still sort of adjusting to that.”

Wilshusen stated that “the cloud is certainly an opportunity to help secure data that’s out there, but it also does not allow agencies to say, well, it’s a cloud service provider’s responsibility for securing information. It’s still up to the agency to make sure that the cloud service provider is adequately protecting that information.”

He also said that, “With respect to security we have found that the security over data at most of the agencies we go to needs to be dramatically improved … and it’s not just [the Government Accountability Office], it’s also the inspectors general at the various agencies, at least 18 out of the 24 CFO Act agencies, which are the major federal departments and agencies, cite that their agencies’ information security program is not effective.”

The panel agreed that any modern program must take a holistic approach, but also felt that staff are a huge part of any cybersecurity posture. Barney stated that it “involves getting the right people in the right places with the right knowledge and the right skills because that’s what’s gonna drive that [holistic approach].”

Thomson stated, “I would say finding experienced people in security is actually probably always going to be a challenge. So, making those individuals that you do have more effective, more efficient, to enable the achievement of the objectives of a security organization.” He discussed how we get to threat intelligence. “There’s a lot of things that can go into threat intelligence. Ultimately, it’s about data that can be used to help protect the organization. So, there’s no shortage of data. I think the key challenge is what data is relevant to securing your organization. So, for example, how can intelligence make that data more effective and more useful in your organization? So, it could be as simple as what type of actors are performing certain types of campaigns, certain behaviors that ultimately can help inform or instruct your response to those aspects.”

Thomson also stated that “intelligence can be considered a much broader aspect in that it informs you about your organization as a whole … There’s many different aspects of intelligence, but fundamentally it’s about focusing your defensive efforts based on what that intelligence tells you.”

Smith brought a great point to the conversation: he valued threat intelligence but wanted to discuss risk scores and the need for a better understanding of what data was used to create a given score. Taking a risk score of eight as an example, he said, “What does the eight mean? Depends wildly on who your provider is, but the challenge that we have with that in operationalizing it is that what we really need?”

He also said there was plenty of data.

“But in order for me to contextualize that eight in my environment, I really need the bit of data that went into calculating that eight. And there’s some trade secret challenges in exposing that that we haven’t figured out how to overcome,” he said. “But if I had those data elements and could put that in context of my own data and my own analysis, then I can start identifying whether there’s a threat to systems at the southern border, or whether there’s a threat to a particular executive that I have, or whether there’s a threat to a location at a time that I might know that we’ve got either a particularly sensitive event going to be happening, or you know, particularly impactful travel that’s going to be happening.”

A conversation with Greg Touhill, former federal CISO https://federalnewsnetwork.com/cyber-chat/2019/05/a-conversation-with-greg-touhill-former-federal-ciso/ https://federalnewsnetwork.com/cyber-chat/2019/05/a-conversation-with-greg-touhill-former-federal-ciso/#respond Wed, 22 May 2019 19:10:35 +0000 https://federalnewsnetwork.com/?p=2349886

In any organization, people tend to get fixated on the policy. The same goes for cybersecurity policies. But often, while the policy is sound, the issues lie in the execution.

Retired Brigadier General and former federal Chief Information Security Officer Greg Touhill joined Sean Kelley, host of CyberChat, to discuss the future of cybersecurity.

Touhill said there are three major hurdles facing today’s organizations:

  • A lack of authority on the part of the CIO
  • A lack of unity of effort
  • Inefficient and ineffective architecture

While cybersecurity policies could be ultra-secure, Touhill said the organizations and entities your agency or company deals with don’t always have the same cybersecurity posture and capacities.

“Moving to the cloud is the right thing to do, but it needs to be done in the right way. The appeal of the overhead reduction is compelling, organizations can be more agile, and both lower OpEx [operating expenditure] and CapEx [capital expenditure] results are both incredibly attractive. As I learned in the Air Force, you never fly into a cloud without knowing what’s on the inside or on the other side,” Touhill said.

Another consideration, Touhill said, is how to implement or sustain independent third-party auditing, a “must-have” tool. Organizations should also retain the ability to pen test and audit.

Touhill said organizations need better execution of existing policies, to retire older technology, to update their cybersecurity strategy to a more modern zero trust strategy, and to leverage public sector best practices.

He went on to say that the public and private sectors have at times been resistant to pooling resources, such as bulk buys and leveraging their collective buying power, for fear of losing control of their decision-making authority.

Touhill said that in order to get to a common architecture, there needs to be a legislative approach and a push to drive changes. “We should be all about protecting the people’s information.”

There are initiatives and education programs for future cybersecurity professionals, but Touhill said the pipeline is not being filled quickly enough to meet present-day demand.

“The Air Force is a great example of a government organization that is getting it right. With many jobs being replaced or being made redundant because of various technologies, affected individuals are being retrained into the world of cybersecurity,” Touhill said.

Cybersecurity battleground – Status of cyber threat info sharing https://federalnewsnetwork.com/federal-insights/2019/04/cybersecurity-battleground-status-of-cyber-threat-info-sharing/ https://federalnewsnetwork.com/federal-insights/2019/04/cybersecurity-battleground-status-of-cyber-threat-info-sharing/#respond Mon, 22 Apr 2019 19:18:28 +0000 https://federalnewsnetwork.com/?p=2327385

The current status of cybersecurity threats and information sharing between the public, private and government sectors is improving. With that said, there is still much work that needs to be done.

CyberChat host Sean Kelley sat down with an esteemed panel to discuss the topic. The guests included:

  • Wally Coggins, director of the IC Security Coordination Center within the Office of the Director of National Intelligence
  • Mo Bland, deputy chief of cybersecurity operations at NSA
  • Rex Booth, chief of cyber threat and risk analysis at the Cybersecurity and Infrastructure Security Agency
  • Allan Thomson, chief technology officer at LookingGlass

Both private and public partnerships are essential to counter those who are actively trying to penetrate networks. But how do we get the right information to the right people at the right time?

Transforming data into intelligence and making that information relevant to organizations is a real challenge. It’s not something that can be fixed easily or without a collective force of effort.

While there is a lot of noise coming from people who claim to have a mass of intelligence, they actually just have a lot of information, which isn’t the same thing. The key to having quality data is relevance.

Data overload is already upon us, and it’s something that is only going to continue to grow. Artificial intelligence and machine learning are two particularly exciting areas in the future for cybersecurity, and they will both enable a faster way through the murky clouds created by having too much data.

Partnerships between the private sector, federal civil service, Defense Department and the intelligence community at large can be leveraged to take the data that is gained and help to truly understand what the adversaries are doing, how they are doing it and the most effective ways to detect and mitigate those risks.

Overcoming challenges

How can we create a common language between analysts and the intelligence collectors?

The intelligence collectors need to understand the threats and the tools that the analysts in the cyber defense world use to protect their networks. A more defined focus on technology along with policy is what is needed. However, it will cost money and more importantly, it will take time.

Some of the considerations for the policy concern data privacy, data sharing, data handling and data storage. This could also differ based on a region, state, country or continent. The end goal seems to be understood, but the challenges lead us to believe it is not something that is close to being resolved any time soon.

We first need to know what suspicious activities actually look like. Once risks have been defined, the data will need to be transformed into a set of indicators. This data will then be searchable on a network. One of the key challenges is figuring out which controls need to be in place in order to detect harmful activity quickly and more effectively.

The ultimate goal of cyber threat intelligence is to raise the cost of operations to the adversary.

The pool of active consumers that utilize cyber threat intelligence services is small. A larger subset of passive consumers get access to this data through the use of various technologies, and could potentially be wiped out by an advanced attack. Reaching out to them is that last mile, and it’s going to be essential.

Persuading the private sector to bring forward data — which could have reputational or financial effects — or the government to share highly-classified information will always be difficult. But as an industry, we must find middle ground, where we can more easily access the information that end users need to do their jobs effectively.

Former WH senior advisor talks data privacy https://federalnewsnetwork.com/cyber-chat/2019/04/former-wh-senior-advisor-talks-data-privacy/ https://federalnewsnetwork.com/cyber-chat/2019/04/former-wh-senior-advisor-talks-data-privacy/#respond Fri, 12 Apr 2019 20:39:42 +0000 https://federalnewsnetwork.com/?p=2320689

Privacy became a real issue for America in 2018.

Marc Groman, who joined CyberChat with host Sean Kelley, said existing incentives for data security have so far been wrong.

“When it comes to protecting the perimeter and protecting our networks, we’re still — in some cases — at data security one-oh-one,” Groman, a former senior advisor for privacy at the White House and now principal at Groman Consulting Group LLC, said. “We don’t incentivize data security enough. The incentive is to get your database up and running and I have been in more meetings than I can count where decisions were made to cut security.”

Groman said companies want to be generations ahead, either in what they produce for sale or in their own internal business processes. But for them to become better prepared to defend the entire ecosystem, organizations need to plan, implement controls and implement security appropriately.

“The insecure software product they rolled out with a bug gets exploited and when [society, the government, and sometimes a company feels the pain] data security and privacy is what often gets cut. Combating this problem is absolutely at an epidemic level. That’s in both the public and private sector and I don’t think we have a handle on it at all,” he said. “We repeat mistakes, don’t learn our lessons, and of course the threats are getting increasingly serious. Our adversaries are getting more sophisticated and so it’s not about just being good, it’s about keeping up with the threats and the adversaries and the risks and I don’t think we’re doing a very good job.”

Serious hacks and data breaches in the past have come from phishing rather than from sophisticated techniques. Groman said it was often just someone clicking on a link the intrusion prevention system didn’t catch.

“The damage is done … [Even] if you’re going to be storing highly sensitive data that is going to be the target for sophisticated adversaries, we’re still at human error,” he said.

Kelley asked Groman whether privacy, at least in some realms, was already gone, and how that is affecting the next generation. Can we actually recover?

“I thought we needed this 10 years ago [because] we don’t have much privacy, particularly in the context of our internet and our online interaction; that’s just factually true,” Groman said. “We’re more than a decade late to this game and unless we get a handle around who can use it and for what purposes, I think we’re going to end up in a place that almost none of us are going to like.”

The United States does not currently have a comprehensive law addressing privacy. This will become a major challenge if the administration doesn’t get it under control, Groman said. There are serious challenges in the context of privacy, including collection that is responsible, ethical and fair, as well as the government’s or private sector’s use of the data collected.

“Artificial intelligence, machine learning, the Internet, the amount of data passively [being] collected by thousands of sensors around us from machine to machine communications is going to be mind blowing,” Groman said. “We have sectorial laws that apply in very narrow spheres and there are enormous gaps.”

He said that in some ways we are all at fault for not predicting how our data could be used in negative ways. The Facebook headlines each week are the poster child for data breaches.

“Today we’re into protecting passwords, last week not protecting data, going to third party’s week before something else,” he said. “We’ve got to get a handle around that.”

Europe moved ahead with a very comprehensive privacy law that is having ripple effects across the entire globe, including on American companies, the public and private sector, Equifax, OPM and the government.

America needs to do something similar and develop a comprehensive federal privacy law that will govern the commercial sector, Groman said. But some are hesitant, as giving up some privacy to be able to use existing applications and services is convenient.

One of the biggest problems when it comes to data privacy is that information on who has access to our data, or what it will be used for, is not readily available. Double-checking our privacy settings should become a priority.

“I use my privacy settings to ensure that I understand when and what apps are collecting. I change what’s accessible to the public or I use two-factor authentication, and same thing with social media,” he said. “If you are not using two-factor authentication with your social media accounts today, that’s moronic, [because] if you read what they’re doing with it, you’d be horrified.”
