Insight by Raytheon

Women leading the way in government cybersecurity

Staying Cyber Relevant

We are looking at cross-sector solutions with the sector-specific agencies. We are as concerned today, if not more so, about changing tactics techniques and procedures of the adversary. We have not backed off of any of our warnings. In fact, we've started to ensure that especially during the month of October, during Cyber Security Awareness Month, that we are making sure that both individuals and those responsible for the collective are aware of those nation-state actors that we are most concerned about, and also of the protectives measure that they should be taking on a daily basis themselves.

Threat Intelligence and Success Stories

The Worldwide Threat Assessment talks specifically about what China can do in our infrastructure, and on the top of page six it talks about what Russia can do. So, what we are trying to do is make sure we can detect it. Some of the traditional ways of how people look at the information is very after the fact of something happening, so that's the reactive piece. So, we are now saying that any anomaly; any alarm that's triggered within an operational technology environment, that IS the trigger; that is the cyber threat indicator until such time that we can do the analysis across the board and say that it's not, that that's a normal way.

The Role of Women in Cybersecurity

It's a must do; retraining across the board. At the end of the day, cyber is a people business. You have a person on the end of that keyboard and it's about understanding the people. And women have very high emotional intelligence. They're fine with expressing emotion and they're fine with others expressing emotion. So, I do think convincing them that they can enter at any point in their career and learn the technology, because they do bring something to the table.

Cyber threats have changed dramatically over the last several years. But while the landscape has evolved with the advent of the cloud and vast amounts of data being stored there, staying ahead of threats is a major focus for federal agencies and their private sector partners.

Federal News Network organized a panel discussion with industry and government cybersecurity experts to explore the challenges, and opportunities, around this critical issue. Specifically, how a diverse workforce – in what has typically been a male-dominated field – can achieve success against the ongoing cyber threats the country faces.

The panel included representatives with a variety of perspectives from the departments of Energy, Homeland Security and Health and Human Services, as well as the Defense Information Systems Agency and Raytheon.

A common theme among the panelists was staying proactive so agencies are not “analyzing after the fact,” according to Karen Evans, assistant secretary for the office of cybersecurity, energy security and emergency response at the Department of Energy. Evans said she remembers a warning about cyber attacks from the head of the National Security Agency some 10 years ago, and she said threats from adversarial nation states are still some of the biggest challenges.

As devices are more interconnected, the playing field gets more complicated. Agencies rely heavily on their partners in the private sector so that “risk-informed decisions can be made quickly and in an intelligent manner,” according to Alexis Wales, the deputy associate director of threat hunting, cybersecurity and infrastructure at the Cybersecurity and Infrastructure Security Agency within the Department of Homeland Security.

DHS continues to look at cross-sector solutions but Wales said bad actors are already in the systems, and the days of securing the perimeter are over. She said DHS focuses on partnerships with those who operate closer to the endpoint to warn about what might be taking place.

The bar to entry from attackers is low, and Teresa Shea, vice president of cyber offense and defense experts at Raytheon, said once bad actors get in they discover what might be valuable to them and what they might be able to sell or use to their advantage.

“Even personal information could be of high value to an adversary,” she said.

The way forward? “Know what’s the most important asset to you and protect that, but you also have to protect your entire network surface,” Shea said.

Listen to the full show:

Copyright © 2019 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.