The current status of cybersecurity threats and information sharing between the public, private and government sectors is improving. With that said, there is still...
The current status of cybersecurity threats and information sharing between the public, private and government sectors is improving. With that said, there is still much work that needs to be done.
CyberChat host Sean Kelley sat down with an esteemed panel to discuss. The guests include:
Both private and public partnerships are essential to counter those who are actively trying to penetrate networks. But how do we get the right information to the right people at the right time?
Transforming data into intelligence and making that information relevant to organizations is a real challenge. It’s not something that can be fixed easily or without a collective force of effort.
While there is a lot of noise coming from people who claim to have a mass of intelligence, they actually just have a lot of information, which isn’t the same thing. The key to having quality data is relevance.
Data overload is already upon us, and it’s something that is only going to continue to grow. Artificial intelligence and machine learning are two particularly exciting areas in the future for cybersecurity, and they will both enable a faster way through the murky clouds created by having too much data.
Partnerships between the private sector, federal civil service, Defense Department and the intelligence community at large can be leveraged to take the data that is gained and help to truly understand what the adversaries are doing, how they are doing it and the most effective ways to detect and mitigate those risks.
Overcoming challenges
How can we create a common language between analysts and the intelligence collectors?
The intelligence collectors need to understand the threats and the tools that the analysts in the cyber defense world use to protect their networks. A more defined focus on technology along with policy is what is needed. However, it will cost money and more importantly, it will take time.
Some of the considerations for the policy concern data privacy, data sharing, data handling and data storage. This could also differ based on a region, state, country or continent. The end goal seems to be understood, but the challenges lead us to believe it is not something that is close to being resolved any time soon.
We first need to know what suspicious activities actually look like. Once risks have been defined, the data will need to be transformed into a set of indicators. This data will then be searchable on a network. One of the key challenges is figuring out which controls need to be in place in order to detect harmful activity quickly and more effectively.
The ultimate goal of cyber threat intelligence is to raise the cost of operations to the adversary.
The pool of active consumers that utilize cyber threat intelligence services is small. A larger subset of passive consumers get access to this data through the the use of various technologies, and could potentially be wiped out by an advanced attack. Reaching out to them is that last mile, and it’s going to be essential.
Persuading the private sector to bring forward data — which could have reputational or financial effects — or the government to share highly-classified information will always be difficult. But as an industry, we must find middle ground, where we can more easily access the information that end users need to do their jobs effectively.
Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.
Director, IC Security Coordination Center, Office of the Director of National Intelligence
Deputy Chief, Cyber Security Operations, NSA
Chief, Cyber Threat and Risk Analysis, Cybersecurity and Infrastructure Security Agency
Chief Technology Officer, LookingGlass
Host of Cyber Chat, Federal News Network
Director, IC Security Coordination Center, Office of the Director of National Intelligence
Mr. Wallace “Wally” Coggins serves as the Director, Intelligence Community Security Coordination Center (IC SCC), within the Office of the Director of National Intelligence (ODNI), IC Chief Information Officer. The IC SCC provides for the integrated defense of the IC’s information environment and serves as the Federal Cybersecurity Center responsible for coordinating the IC’s defensive response to major cyber incidents, threats, and vulnerabilities.
Prior to his current assignment, Mr. Coggins served as the ODNI’s Deputy Chief Management Officer, leading and managing internal ODNI administration, finances, and policy, and as the ODNI Executive Secretary responsible for coordination of official correspondence and other communications on behalf of the DNI. Mr. Coggins also served as a Director responsible for acquisitions, integration, and evaluations along with other assignments within the ODNI Acquisition, Technology, and Facilities component.
Prior to joining ODNI, Mr. Coggins served as program manager and contracting officer at the Naval Air Systems Command for the development and acquisition of major weapons systems including the F-35 Joint Strike Fighter, F/A-18 tactical aircraft, electronic warfare, mission planning, and missile programs.
Deputy Chief, Cyber Security Operations, NSA
CURRENT POSITION: Mr. Maurice (Mo) Bland is Deputy Chief of the National Security Agency/Central Security Service’s (NSA/CSS) Cybersecurity Operations (CSO) Group in the Operations Directorate, where he co-leads integrated cybersecurity operations that enable high impact operational effects in the cyber domain and deny adversaries the ability to influence, exploit or threaten cyber and information infrastructure domains within the bounds of our authorities.
BACKGROUND: Prior to joining NSA/CSS, Mr. Bland served in the United States Army. During his early career, he served a multitude of positions, which included three tours of duty with NSA, where he completed the Junior Officer Career Program, served as the Army Battalion Commander at NSAG, and served as the Cyber Mission Manager Chief of SID Cyber. He commanded at both the Battalion and Company level – 206th Military Intelligence Battalion (NSA-G) and Echo Company 201st Military Intelligence Battalion, Fort Gordon, Georgia. Mr. Bland also served three combat tours in support of operations in Iraq and Afghanistan. In 2014, he retired from the United States Army as a Colonel. Mr. Bland is a “plank member” of the Cyber Threat Intelligence Center (CTIIC), Office of the Director of National Intelligence, serving as the center’s Deputy Director. From February 2014 – July 2015, he served as the NSA/CSS’s SIGINT Directorate Associate Deputy Director, CYBER (SID Cyber) as well as the Mission Management Chief for Cyber for SID Cyber. As the SID Cyber Mission Management Chief, Mr. Bland was responsible for the integration of USCYBERCOM’s mission forces across SID. Most recently, Mr. Bland served as the Special Collection Service’s Deputy Chief of Field Engineering Operations.
EDUCATION: Mr. Bland graduated from Georgia Southwestern College in 1987 with a Bachelor of Science degree in Political Science. In 1999, he received his Masters of Science in Information System Management from Central Michigan University and also holds a Masters in National Resource Strategy from the Industrial College of the Armed Forces.
Chief, Cyber Threat and Risk Analysis, Cybersecurity and Infrastructure Security Agency
In April, 2018, Rex Booth joined the National Cybersecurity and Communications Integration Center at the Department of Homeland Security (DHS) as Chief of Cyber Threat and Risk Analysis (CTRA). He manages teams that conduct all-source intelligence analysis and production, community coordination, and information sharing. Mr. Booth’s portfolio includes operations for DHS flagship programs such as Automated Indicator Sharing, Common Vulnerabilities and Exposures, and the National Vulnerability Database. CTRA’s mission is improved security through the effective dissemination of information and intelligence among DHS stakeholders.
Previously Mr. Booth served as the Deputy Chief Information Security Officer at the Pension Benefit Guaranty Corporation, as U.S. federal agency. He brings a set diverse capabilities from more than 15 years of professional experience in the public and private sectors. His past roles include developer, security and management consultant, and cybersecurity vendor, working with various industry leaders such as Mandiant, Grant Thornton, KPMG, and CSC.
Mr. Booth holds a dual Bachelor’s degree in Political Science and Computer Science from Mary Washington College, and a Master’s degree in Information Systems and Technology Management from the University of Delaware. He also holds a certificate in Executive Leadership from the Harvard Kennedy School.
Chief Technology Officer, LookingGlass
As LookingGlass Chief Technology Officer, Allan Thomson has more than three decades of experience across network, security, and distributed systems technologies. Allan leads technical and architecture strategy across the LookingGlass solutions portfolio.
Prior to LookingGlass, Allan served as Principal Engineer at Cisco Systems, Inc., where he led the software architecture and design of the company’s Cyber Threat Defense System and Platform Exchange Grid. He was responsible for overall systems management and security telemetry collection/aggregation, as well as distributed threat analysis/intelligence services in multi-tenant public and private cloud deployments.
Before joining Cisco, Allan oversaw the technology growth initiatives of several start-up companies, including Airespace, where he was a Software Architect responsible for the design, development and network management/location tracking of the company’s wireless local area network (WLAN) system.
Host of Cyber Chat, Federal News Network
Mr. Sean W. Kelley is a former member of the Senior Executive Service and has over 27 years of IT experience in the federal and private sector. Prior to joining the Federal Government in 2012 (Department of Veteran Affairs & Environmental Protection Agency), he held positions as an Independent Consultant with numerous Healthcare IT Companies. He also served in a variety of key IT positions within the Navy Medicine including the CIO for the United States Naval Ship (USNS) Comfort during Disaster Relief for the Haitian Earthquake; the CIO for Navy Medicine Corporate Headquarters; the Director for the Navy Medicine Enterprise IT Program Management Office and as an IT Manager for the Attending Physician to Congress (OAP).
Mr. Kelley has experience in information technology and cybersecurity with a focus on developing strategic planning to achieve business goals. Mr. Kelley is a contributing author for the Computer Security Handbook in Security Policy and the VA’s Cyber Security Strategy White Paper for the White House and Congress that led to the VA’s Multi-Million Dollar Cybersecurity Strategy. Mr. Kelley has taught cyber security at the Master’s, and Bachelor Degree level and was a highly regarded SANS Institute On-Demand Instructor and course author. Mr. Kelley was recently named to the “FedHealthIT100 which honors those individuals recognized for driving change and advancement in the Federal Health Information Technology Market.”
Mr. Kelley has a B.S. in Healthcare Management from Southern Illinois University, a M.A. in Computer Resource and Information Management from Webster University, and a M.S. in Information Technology Management from the Naval Postgraduate School in Monterey, CA with a focus in networking and information assurance. Mr. Kelley studied at the Naval Postgraduate School’s Center for Information Systems Security Studies and Research (CISR). “CISR is America's foremost center for defense-related research and education in software security, Inherently Trustworthy Systems (ITC), Cybersecurity Defense, and the use of computational systems in Cyber Operations”. Mr. Kelley is a Certified Information Systems Security Professional (CISSP) and a Project Management Professional (PMP). Mr. Kelley is also an ICIT Fellow. Members of the ICIT Fellows Program are part of an elite group of experts who are leading the industry with cutting-edge innovation, thought leadership, and advanced technologies.