Digital Conflict

By Kevin Coleman

Blog archive

Assess your defense before a cyberattack

I am sure this is not a shock to most of you, but our current approach to cybersecurity is not working. When an information security icon such as RSA experiences a serious security breach like the one acknowledged recently, what does it say about the average organization and its ability to protect its information assets?

While I was teaching a course on cyber terrorism this month for emergency services organizations, an interesting conversation took place. During the program, three serious security issues came out during a cyberattack scenario exercise. I am not able to divulge those issues for security reasons. Let me say, though, that the magnitude of risk that accompanied these issues was cause for great concern.

Why all of our emergency services, identified as a component of our critical infrastructure, have not conducted cyberattack planning and review is beyond comprehension. This is particularly true given warnings that a cyberattack on our emergency response infrastructure and assets is likely to accompany an act of terrorism.

Some of the information systems used by emergency services are no longer supported and need to be replaced. For those emergency assets that are already in place and still supported, we need to identify areas of vulnerability and address those shortcomings before it is too late. When we plan and develop our operating procedures, critical systems and infrastructure, we need to look at the security issues that may focus on those essential capabilities. It is easier and more economical to build security in rather than trying to address security as an afterthought. Why is that so hard for us to do?

As the saying goes, an ounce of prevention is worth a pound of cure.

Posted by Kevin Coleman on Mar 24, 2011 at 12:12 PM


Featured

  • FCW PERSPECTIVES
    sensor network (agsandrew/Shutterstock.com)

    Are agencies really ready for EIS?

    The telecom contract has the potential to reinvent IT infrastructure, but finding the bandwidth to take full advantage could prove difficult.

  • People
    Dave Powner, GAO

    Dave Powner audits the state of federal IT

    The GAO director of information technology issues is leaving government after 16 years. On his way out the door, Dave Powner details how far govtech has come in the past two decades and flags the most critical issues he sees facing federal IT leaders.

  • FCW Illustration.  Original Images: Shutterstock, Airbnb

    Should federal contracting be more like Airbnb?

    Steve Kelman believes a lighter touch and a bit more trust could transform today's compliance culture.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.