Slow IT procurement hinders security
NSA official provides some ideas for new approaches to cybersecurity.
The difficulties that government agencies have in trying to acquire secure hardware and software that isn't obsolete or vulnerable before being deployed is a nagging problem that aggravates at least one cyber warrior.
"I'm frustrated by this," Charles Berlin, director of the National Security Operations Center at the National Security Agency, told other federal agency attendees at the 2013 SAS Government Leadership Summit on May 21 in Washington, D.C.
Appearing on panel of cybersecurity experts discussing how to manage expanding and mutating cyber security risks, Berlin said that rather than dealing with the security features of each individual piece of equipment added to the network, addressing the underlying platform and architecture is a more efficient, and ultimately more secure, route – especially given the length of time federal acquisition can take.
"If blade [servers] become commoditized, buy blades," he said. Cybersecurity is designed around process, not pieces of gear.
The NSA's cloud services are a way to defend information, he said. "The architecture is the thing. Commodity buys come and go."