CEO: Feds must adapt to new style of cyberwarfare

MONTGOMERY, Ala. -- Cyberwarfare is changing and network defense must change with it, said John Thompson, chief executive officer of Symantec, during a keynote speech at the Air Force Information Technology Conference at Auburn University’s East Montgomery campus this week.

In the past, critical information was protected via a suit-of-armor approach in which layers of protection were added to keep information safe, Thompson said. But these layers restricted the data, hampering real-time use at the cost of mission performance.

Cyberattacks have changed in recent years from amateur hackers seeking notoriety to organized criminal enterprises with financial or hostile goals, Thompson said. For example, large-scale virus or worm attacks have decreased from about 100 from 2002 to 2004 to six last year.

Today’s cybercriminal is interested in “perpetrating silent, highly targeted attacks to steal sensitive personal, financial, and operational information,” he said.

Therefore, going forward, effective cyberdefense will depend on a mixture of protecting information technology infrastructure, protecting the information itself and protecting the interactions among people using the information, Thompson said.

The first step in cyberdefense is to ensure your systems will survive natural or manmade disasters by transferring data to backup systems in case of emergency, he said. “After all, servers and laptops [computers] can be replaced – the information on them most likely cannot,” he said.

Standardization of data and a common software infrastructure in an organization are crucial to IT infrastructure protection, Thompson said.

Many tools exist to protect databases. The next frontier is the battle over unstructured data, including e-mail, instant messaging, PowerPoint, Microsoft Word documents and voice-over-IP conversations, which make up 80 percent to 90 percent of data, he said.

Organizations must also be ready to contend with internal threats, Thompson said. Disgruntled or careless employees can do significant damage, so transactions must be monitored to instantly combat suspicious or dangerous activity, he added.

“Comply and connect” mechanisms must also be used to verify user identity, Thompson said. Identity phishing is prevalent among criminals and foreign espionage groups. Also, the proliferation of wireless devices and telework mandates increasingly sophisticated approaches to certification and authentication.

“As more interactions happen online it becomes critical that each and every one of us can prove to the other that we can be trusted,” he said.

But in the end, an organization’s cybersecurity is only as good as the people who manage and use it.

“People are just as important as technology and policies,” Thompson said. “In fact, with proper planning and training, employees can become your strongest line of defense.”

Featured

  • Defense
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    DOD CIO hits pause on JEDI cloud acquisition

    Dana Deasy set cloud as his office's top priority. But when it comes to the JEDI request for proposal, he's directed staff to "pause" to compile a comprehensive review.

  • Cybersecurity
    By Gorodenkoff shutterstock ID 761940757

    Waging cyber war without a rulebook

    As the U.S. looks to go on the offense in the cyber domain, critical questions remain unanswered around who will take the lead and how clearly to draw the rules of engagement.

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Deadline extended for Rising Star nominations

    You now have until July 18 to help us identify the early-career innovators and change agents in government IT.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.