What is your most important line of business or function of your agency? What are your crown jewels (as another author here wrote)? What is the risk to those? What does the enemy want to achieve? This is the just the starting point of protecting your agency or business. Today, it is important to create a threat-aware proactive defense around your Cyber Key Terrain (C-KT) and manage the risk per line of business or... more »
The old adage "it takes 10,000 hours of practice to become an expert" is very true in cyber defense. We can't teach people to prevent zero day exploits but we can provide an inexpensive way to show what happens when an exploit is used. Technology today is finally available to provide ubiquitous Cyber Battlerooms, like Netflix, where you log into the cloud and "play" on a Virtual Clone Network of a government agency,... more »
Provide cyber internships to develop and enhance cyber skills and interest in the government
Practice response to cyber threats as part of overall emergency response capacity to build resiliency.
Cyber Tips of the Day – first thing to pop up on intranet logon-screen would be a cyber awareness question (with ability to quickly check against answer). These would be focused on knowledge leveling, increasing awareness of vulnerabilities created by SPAM/Phish attacks, etc. etc.
Reports and articles keep surfacing on the issue of lacking cybersecurity talent in the federal government. Since 2010, little improvement has been seen regarding increased knowledge, skills, and abilities among the federal cybersecurity workforce. (Williams, 2015b).This can be attributed large to leadership failures across the agencies. Cybersecurity experts in the trenches, industrial organizational psychologists, and... more »
Currently, the government is still focused on perimeter defense will only a shallow defense-in-depth strategy. The problem centers on an enterprise architecture that is designed to usually protect the entire network at the same level, thus peanut butter spreading network defense resources. Agencies fail built a network defense strategy that focus on protecting their crown jewels, vulnerability reduction, and adversary... more »
Agencies must plan for success. Increasing response time is a combination of technology, threat knowledge, and skill sets of cybersecurity practitioners. Lag time exists because organizations unable to effectively integrate practitioner skills, threat knowledge, and technology. Although agencies are in possession of effective tools (e.g., Einstein and CDM) that collect indicators and signatures of malicious traffic crisscrossing... more »
(Regular print are supported ITAPS recommendations in response to questions, flagged are expanded recommendations to more explicitly address questions, not directly addressed by ITAPS; participated in and collaborated with ITAPS OMB-OPM-NSC Task Force) How can government tackle the cybersecurity talent search in a way that strengthens skills, experience, and knowledge both within government CISO/CIO and partner organizations... more »
Given that such a small percentage of the US population is in technical fields, the majority of population is not even in the target group. It is important to consider more than just technical people or those who self opt in to the cyber field. Cyber is relevant to all jobs. However, the education and training aspect of cyber is not made relevant to other than cyber focused career fields. Those who work in a range of... more »
For a number of years the government has been looking for CIO with a business background and not a technical background. This has placed a number of government CIO into jobs that they have the business background to understand the business process of the organization, however many do not have the background or understanding of the technical knowledge and skills needed to address problems, concerns and issues related... more »