TSA’s Paul Morris: Incident response is all about speed, speed, speed

As one, albeit large, component in Homeland Security, the Transportation Security Administration works in concert with other components as it also worked to ensure its own mission continuity. Namely, keeping the nation’s airports and hundreds of thousands of daily passengers moving.

Paul Morris, TSA’s chief information security officer and executive director of its Information Assurance and Cybersecurity Division, says the agency learned a lot responding to recent threats like Heartbleed. “It tested tools we had,...

READ MORE

As one, albeit large, component in Homeland Security, the Transportation Security Administration works in concert with other components as it also worked to ensure its own mission continuity. Namely, keeping the nation’s airports and hundreds of thousands of daily passengers moving.

Paul Morris, TSA’s chief information security officer and executive director of its Information Assurance and Cybersecurity Division, says the agency learned a lot responding to recent threats like Heartbleed. “It tested tools we had, the processes we exercised.”

His goal is making his organization faster and more flexible in its incident responses. Thanks to some new tools, when and alert comes in, TSA can scan its various systems within five minutes to see if any of them are carrying the latest threat. Morris says his own security operations centers are in constant communication with the DHS National Cybersecurity and Communications Integration Center (NCIC) “so if something happens we know about it fairly quickly.”

 

Host

Tom Temin

Tom Temin has been reporting on and providing insight to technology markets for more than 30 years.  Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.

 

Guest

Paul Morris, CISO & Executive Director, Information Assurance and Cybersecurity Division OIT, TSA

Paul Morris is a member of the Senior Executive Service responsible for the Vision, Strategy and Execution of Cyber Defensive Operations, Governance, Compliance and Risk Management to defend the data and information systems for 60,000+ TSA employees/contractors.