Lawrence Reed: Time to get real about mobile devices

Lawrence Reed, the assistant director for security operations at the Justice Department, says the government needs to up its game when it comes to endpoint security, especially mobile end point. He points out, users nowadays typically have at least two endpoints – a mobile device and a tried-and-true desktop.

He sees the proliferation of end points having varying characteristics as analogous to the proliferation in that which end points access, namely applications and other resources both in multiple data centers and cloud service providers.

It can all make for a complex cybersecurity and security monitoring challenge, Reed said.

He said business owners, program managers, IT and security need to talk more about how to more carefully calibrate what people are allowed to do on mobile devices and what data they can access. As an example, he asks whether it’s worth the risk of giving someone mobile access to an entire database that might contain the department’s entire portfolio of Social Security numbers, or whether access should be limited in some way to not go beyond the needs of the task at hand.

 

Host

Tom Temin, Federal News Radio

Tom Temin has been the host of the Federal Drive since 2006. Tom has been reporting on and providing insight to technology markets for more than 30 years.  Prior to joining Federal News Radio, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.

 

Guest

Lawrence Reed, Assistant Director for Security Operations, U.S. Department of Justice

Mr. Reed joined the Department of Justice Office of the Chief Information Officer in 2016 as the Assistant Director for Security Operations.  In this position, he is responsible for all aspect of security operations at the department level including the Justice Security Operations Center, the Insider Threat Detection and Prevention Program, and the Supply Chain Risk Management Program.

Mr. Reed previously served as the NOAA Chief Information Security Office and Director of Cyber Security where he managed the NOAA Cyber Security Program.   During this time, he created the NOAA Security Operations Center and Trusted Internet Connection programs.  These state of the art capabilities significantly reduced the operational risk to the mission and significantly improved incident detection and response.   Mr. Reed also developed the Identity, Credential, and Access Management program, improved the Risk Management program and led the security program in the organizations movement to cloud services.

Mr. Reed’s career in the federal government began in the National Weather Service as a computer programmer developing software to track weather balloons launched across the country.  He subsequently worked on the network support teams, programmed supercomputers, and led the forensics and incident response teams.

Mr. Reed received a Bachelor of Science in Computer Engineering from the University of Massachusetts in 1989 and a Master of Science in Computer Science from Johns Hopkins University in 1995.  Major areas of study included integrated circuit design, telecommunications programming, and software engineering.