One of the long-standing tenants of cyber security is the belief that the attackers have an advantage.
That makes sense as cyber security, for the most part, has been a reactionary process that identifies an attack once it happens and then makes adjustments to stop it from happening again. That process is no longer good enough for Jeanette Manfra, assistant secretary for the Office of Cyber Security and Communications in the Department of Homeland Security’s (DHS) National Protection and Programs Directorate.
As Manfra said during her keynote presentation at the Symantec Government Symposium, she believes government needs to develop deep partnerships with the private sector on cyber security that can “create an environment where the defender has an advantage.” She acknowledged this is a rarity in cyber security, but also that federal agencies need to look beyond simply being reactive to cyber security incidents.
This type of thinking was at the center of the Symantec Government Symposium, which took place on October 30 in Washington, DC. As information technology continues to evolve so must cyber security, and agencies need to rethink – and redefine – how they approach it. Federal agencies can no longer focus solely on securing the perimeter of their network – as that perimeter no longer exists – and instead must look to an integrated cyber defense capability to stay one step ahead.
Manfra mentioned as much. One of her goals is to create tight partnerships between government and industry that can use the internet and benefit from connectivity, interoperability and openness, and to do so in a safe and secure way. She said government agencies must be able to dictate the cyber world they want to operate in or they will continually be in reactive mode.
Government must continue to innovate, and that usually means working closely with industry to bring in the latest technological advances, but in a strategic, integrated manner.
That conversation has continued to grow. William Evanina, director of the National Counterintelligence and Security Center within the Office of the Director of National Intelligence (ODNI), mentioned during his speech that ODNI made the decision earlier this year to release an unclassified version of its annual economic espionage report for the first time. In doing so, the intelligence community made an effort to better show the cyber threat that the government faces.
"I think we've gotten all that data into the intelligence community every year but we really haven't done a good job of exploiting it and getting it to the folks who are being penetrated," said Evanina, referencing the challenge the technology providers in the supply chain face.
While government continues to change the conversation around cyber security, the underlying message at the Symantec Government Symposium was that the status quo is not acceptable. Government must continue to innovate, and that usually means working closely with industry to bring in the latest technological advances, but in a strategic, integrated manner.
“Government cannot get smarter without industry,” Evanina said.
Federal agencies face an incredibly hard challenge to secure networks. The worst thing that can happen though is an acceptance, and eventual apathy, toward cyber breaches. While breaches have become a common part of life, federal agencies must remain vigilant in keeping data secure. It’s a positive sign to see government executives like Jeanette Manfra and William Evanina leading this charge.
Check back here for additional blogs that will provide some of the other key issues discussed during the Symantec Government Symposium.
Read More About Symantec's Government Symposium Here
We encourage you to share your thoughts on your favorite social platform.