Digital Conflict

By Kevin Coleman

Blog archive

Assess your defense before a cyberattack

I am sure this is not a shock to most of you, but our current approach to cybersecurity is not working. When an information security icon such as RSA experiences a serious security breach like the one acknowledged recently, what does it say about the average organization and its ability to protect its information assets?

While I was teaching a course on cyber terrorism this month for emergency services organizations, an interesting conversation took place. During the program, three serious security issues came out during a cyberattack scenario exercise. I am not able to divulge those issues for security reasons. Let me say, though, that the magnitude of risk that accompanied these issues was cause for great concern.

Why all of our emergency services, identified as a component of our critical infrastructure, have not conducted cyberattack planning and review is beyond comprehension. This is particularly true given warnings that a cyberattack on our emergency response infrastructure and assets is likely to accompany an act of terrorism.

Some of the information systems used by emergency services are no longer supported and need to be replaced. For those emergency assets that are already in place and still supported, we need to identify areas of vulnerability and address those shortcomings before it is too late. When we plan and develop our operating procedures, critical systems and infrastructure, we need to look at the security issues that may focus on those essential capabilities. It is easier and more economical to build security in rather than trying to address security as an afterthought. Why is that so hard for us to do?

As the saying goes, an ounce of prevention is worth a pound of cure.

Posted by Kevin Coleman on Mar 24, 2011 at 12:12 PM


The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • Social network, census

    5 predictions for federal IT in 2017

    As the Trump team takes control, here's what the tech community can expect.

  • Rep. Gerald Connolly

    Connolly warns on workforce changes

    The ranking member of the House Oversight Committee's Government Operations panel warns that Congress will look to legislate changes to the federal workforce.

  • President Donald J. Trump delivers his inaugural address

    How will Trump lead on tech?

    The businessman turned reality star turned U.S. president clearly has mastered Twitter, but what will his administration mean for broader technology issues?

  • Login.gov moving ahead

    The bid to establish a single login for accessing government services is moving again on the last full day of the Obama presidency.

  • Shutterstock image (by Jirsak): customer care, relationship management, and leadership concept.

    Obama wraps up security clearance reforms

    In a last-minute executive order, President Obama institutes structural reforms to the security clearance process designed to create a more unified system across government agencies.

  • Shutterstock image: breached lock.

    What cyber can learn from counterterrorism

    The U.S. has to look at its experience in developing post-9/11 counterterrorism policies to inform efforts to formalize cybersecurity policies, says a senior official.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group