Digital Conflict

By Kevin Coleman

Blog archive

Assess your defense before a cyberattack

I am sure this is not a shock to most of you, but our current approach to cybersecurity is not working. When an information security icon such as RSA experiences a serious security breach like the one acknowledged recently, what does it say about the average organization and its ability to protect its information assets?

While I was teaching a course on cyber terrorism this month for emergency services organizations, an interesting conversation took place. During the program, three serious security issues came out during a cyberattack scenario exercise. I am not able to divulge those issues for security reasons. Let me say, though, that the magnitude of risk that accompanied these issues was cause for great concern.

Why all of our emergency services, identified as a component of our critical infrastructure, have not conducted cyberattack planning and review is beyond comprehension. This is particularly true given warnings that a cyberattack on our emergency response infrastructure and assets is likely to accompany an act of terrorism.

Some of the information systems used by emergency services are no longer supported and need to be replaced. For those emergency assets that are already in place and still supported, we need to identify areas of vulnerability and address those shortcomings before it is too late. When we plan and develop our operating procedures, critical systems and infrastructure, we need to look at the security issues that may focus on those essential capabilities. It is easier and more economical to build security in rather than trying to address security as an afterthought. Why is that so hard for us to do?

As the saying goes, an ounce of prevention is worth a pound of cure.

Posted by Kevin Coleman on Mar 24, 2011 at 12:12 PM


  • 2018 Fed 100

    The 2018 Federal 100

    This year's Fed 100 winners show just how much committed and talented individuals can accomplish in federal IT. Read their profiles to learn more!

  • Census
    How tech can save money for 2020 census

    Trump campaign taps census question as a fund-raising tool

    A fundraising email for the Trump-Pence reelection campaign is trying to get supporters behind a controversial change to the census -- asking respondents whether or not they are U.S. citizens.

  • Cloud
    DOD cloud

    DOD's latest cloud moves leave plenty of questions

    Speculation is still swirling about the implications of the draft solicitation for JEDI -- and about why a separate agreement for cloud-migration services was scaled back so dramatically.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.