Aviation CIO stresses security needs

Federal Aviation Administration

Related Links

A good cybersecurity defense system has multiple layers, system monitoring and effective quarantining of network intrusions, the man in charge of the Federal Aviation Administration's information technology said today.

Comparing his system approach to the human body, FAA chief information officer Daniel Mehan outlined his views on a proper cybersecurity defense system this morning, while speaking to industry officials at an executive breakfast of National Business Promotions and Conferences Inc.

Mehan said a multiple-layered approach is necessary. However, he warned of the importance of efficiency and flexibility when dealing quickly with intrusions.

When infected by a virus, or other forms of intrusion, Mehan stressed the need for an adaptive quarantine. A key element of future cybersecurity systems is building break points where intrusions can by stopped and isolated.

Monitoring the system is crucial to cyberdefense, Mehan said. Agencies must know how to interpret data and receive real-time analysis, he said, adding that effective cybersecurity deals with intrusions on a real-time basis and maintains continuity of operations.

"I think we're much smarter than we were four years ago," Mehan said. "This is the way we're going to approach [cybersecurity], and we think it will help us think things through in the future."

Mehan predicted an increase in sophisticated intrusions in the future, and called for improved security engineering.

"We're moving [toward] situations that are much more instantaneous. We need multiple layers of protection, but we must have a certain nimbleness in dealing with intrusions," he said.

Stating that the agency's Computer Security Incident Response Center is the "heart of the cyberdefense system," Mehan stressed the need for an agencywide view of cyberdefense.

Mehan also stated that FAA projects, such the agency's Telecommunications Infrastructure program — a 15-year effort aimed at improving telecommunications at more than 5,000 FAA facilities nationwide — must fit together under the cybersecurity framework.

"There is room for a lot of roles," Mehan said. "The key is that they be integrated."

Featured

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

  • Cybersecurity
    enterprise security (Omelchenko/Shutterstock.com)

    Does Einstein need a post-SolarWinds makeover?

    A marquee program designed to protect the government against cybersecurity threats is facing new scrutiny in the wake of Solar Winds Orion breach, but analysts say the program was unlikely to have ever stopped the hacking campaign.

Stay Connected