Topics of Interest
- Application Protocol Fuzzing
- Cloud Computing and Virtualization
- Custom Applications and Attacks
- Cyber Warfare
- Data Center Planning and Consolidation
- DDoS and Botnet Simulation
- Deep Packet Inspection
- IPTV
- IPv4/IPv6
- Layer 2-7
- Network Traffic Generation
- Performance Testing
- Security Updates
- Server Load Testing
- VoIP
- 10/40/100 GigE
Devices
Interviewing the CyberSecurity Czar; What Question Would You Ask?
UPDATE: Be sure to register for our Cyber Security webcast.
“America’s failure to protect cyberspace is one of the most urgent national security problems facing the new administration.”
It's not just U.S. military and DoD networks that are at risk. Every day Federal, State and local government networks are hit with tens of thousands of malicious attacks. The FAA, stock exchanges, even power grids are susceptible to legions of hackers around the world. While readers of this blog already understand the network security dangers that exist, others are just now beginning to understand the risks. Terms like "cyber security", "cyber warfare" and "cyber infrastructure" are terms recognized by millions of Americans with the Obama administration's recent focus on the topic. Over the next few weeks I'm going to be diving deeper into a variety of cyber infrastructure issues, and today we start with the news of last week and what we should start looking for out of the new cyber czar.
President Obama has laid out his administration's plan to shore up U.S. cyber security, including a new appointment to the role of "cyber security czar" (or coordinator), a position formerly part of the Department of Homeland Security. In a 60-page report, titled "Cyberspace Policy Review: Assuring a Trusted and Resilient Information and Communications Infrastructure," (PDF) the administration shared the following urgent priorities:
- Increase Federal investment to improve security in information and communications infrastructures
- Create a public/private partnership to coordinate responses to cyber attacks
- Seek International cooperation to mitigate security risks
- Raise the public's awareness about the state of infrastructure security
Overall it is clear that the Obama administration believes by bringing the position closer to the White House and granting more power (and money) to the cyber security topic they can achieve these objectives. Critics believe, however, that the role is not being given enough latitude, funds, power, etc. Others believe that the role should be primarily a private one. But it's just not that simple. Starting with the fact that there are already Government funded cyber security initiatives underway.
The Federal government has consistently been introducing programs for cyber security, perhaps not out of a central department, but it has been rapidly progressing. Recently, the Pentagon ramped up efforts in attracting the newest network security talent with a military funded program tapping students. Called "Cyber Challenge" (sick of the word cyber yet...), it will center around three national competitions for high school and college students. The goal, of course, is to find the best and the brightest students and give them an opportunity to help shore up the U.S. cyber infrastruture, now and in the immediate future. Although I'm sure critics have issues with the military establishment getting involved with schools, let's face the facts that this is a difficult challenge and we must have our nation's brightest working on the problems.
The U.S. Army obviously understands cyber warfare and cadets are already being trained to battle this threat. The New York Times had an interesting look into training exercises for cadets at West Point, who were taking part in cyberwar games as a final exam. Although this training is geared towards using cyber security tactics for a military advantage, whereas the President's report only looked at internal defense, it is important to understand that the wheels are already in motion. And, then there's the private sector where companies are rapidly innovating a new generation of security products and services. Our nation's new cyber czar must head into the position knowing that there are already so many initiatives in motion both in the government and corporate world and effectively bridge those two worlds to protect our increasingly vulnerable yet mission-critical infrastructure.
This will involve taking on a CEO-type role, looking at where activities are already effective, where the holes remain and how to dedicate the necessary resources to plug these holes. And, just like our counter-terrorism initiatives, our cyber security warriors must learn to think like the enemy in order to defend our critical internet infrastructure.
With this in mind, I asked folks on Twitter what one question they would ask an applicant interviewing for the cyber czar role, some of the initial answers are below and this will be the focus of our next post on cyber security. What would be your question?
Tags: