With a career that stretches back to the 1980s, Ron Nielson, executive director for Public Sector at LookingGlass, has seen the IT Industry grow and mature over the decades – from his start in the intelligence sector to his work in the private sector for an internet service provider.
On this edition of CyberChat, host Sean Kelley discusses with Nielson what it takes to develop a mature cybersecurity posture.
Nielson said employees need to know the mission of the company, the company’s key terrain, what they are defending and what is the pot of gold at the end of the rainbow.
Nielson said companies should “get more broadly focused on what is the objective [to protect] … what is the corporate sweet spot?” Whether it’s a server, a database or the organization’s people, Nielson said understanding what the adversary has in their toolbox, how an adversary would attack and what those attacks look like are key questions to answer first.
“Most cybersecurity companies, even ones we consider mature, don’t seem to align their defensive practice to the high-value assets or the terrain,” Nielson said.
Adopting a threat assessment or a cyber assessment kind of mentality is one of the best ways to mature a cyber posture. Nielson said “it can be done organically by the organization or through a third party as a service activity.”
The revolving door of chief information security officers, Nielson cautioned, is a hindrance to the maturity of the cybersecurity sector. “It’s hard to really mature that position or that organizational function when we don’t apply some level of stability to it.”
The cyber workforce also has an important role in cybersecurity maturity. “You have to understand your workforce and their capacity,” Nielson said. He added that there is always going to be a shortage of cybersecurity professionals. So, as organizations look at their environments, they must understand how tools can be incorporated to offset skills or personnel gaps.
“The tools sometimes can be wonderful. But if you’re not going to trust what the tool tells you [or] use its knowledge to help defend your network, you’re kind of defeating the purpose of automation and machine learning,” Nielson said. “Mature organizations pick the tools that complement their workforce.”
Nielson recommended finding service providers that offer advanced techniques that the company and its workforce may not be comfortable with yet.
Information sharing is the last big piece of creating a mature cyber posture.
“I don’t think cybersecurity professionals are basically trusted,” Nielson said. “When an organization has been compromised, they’ve been trained not to expose it […] because if you show that you were compromised, you’ve demonstrated that you, in a sense, have failed.”
Nielson challenged the community “to start thinking of it differently.” He said cybersecurity professionals should be applauded because they found the intrusion, not denigrated or scrutinized. “When people find an adversary, we should all salute them. Maybe come up with an award in D.C. for them.”
Ronald Nielson is the Executive Director, Public Sector at LookingGlass Cyber Solutions, a leading provider of intelligence-driven risk management solutions. In the commercial arena, he is frequently called upon to evaluate emerging technologies with venture capitalists and provide his unique opinions on where they should direct their company’s advancements and vision.
Mr. Nielson has broad knowledge of the cybersecurity field, both during his time in the U.S. Army and at NSA, working with partners across Commercial Industry and the Intelligence Community. He was the driving force behind the SHARKSEER Program for close to four years, leading both the implementations and the future direction of this enterprise-level capability for the Department of Defense.
During his 20 years in the U.S. Army, Mr. Nielson served in a variety of diverse capacities, from supporting various cyber operations to operating as a rotary wing flight operations crew chief to interpreting in multiple languages. His extensive training as a linguist has supported missions across the globe using the Polish, Russian, Czech, Serbo-Croatian, Arabic, and German languages. Additionally, his cybersecurity expertise was recognized through his work on Unconventional and Conventional Network attack teams, and he served as the Army Liaison to Cyber Operations. His more recent experience was within Computer Network Defense Research and Technology for Enterprise Network Defense Capabilities, promoting new approaches to cyber defense.
In his 15 years since retiring from the U.S. Army, Mr. Nielson has been employed by a major IT consulting firm and most recently by the NSA. He provided services to a number of Intelligence Community partners and the NSA Threat Operations Center (NTOC), focusing on sensor collection, quick analysis and response capabilities for protective and defensive mission areas. He has been a member of the Information Assurance Directorate for more than eight years, where he has been responsible for Sensor Software System Development and establishing Advanced Analytic Data Integration Toolsets.
Mr. Nielson developed his leadership and technical skills throughout years of military and professional training, acquiring a number of technical and leadership certifications. Due to his experience in leading systems development initiatives, he was selected as the SHARKSEER Lead and was charged with leveraging emergent malware solutions to develop and respond to adversarial capabilities in real time. He has matured this Program to be the first concerted effort at advancing commercial technologies to defend the Department of Defense (DoD) networks. His initial efforts have met with resounding success, both within the DoD, deploying systems to protect against cyber attacks, and across the commercial sector, integrating technologies to protect the critical infrastructure. The DoD Chief Information Officer (CIO) has highlighted this program as “the highest priority cybersecurity initiative under its purview”.
Mr. Nielson continues to lead in the Cybersecurity arena, serving on several committees and mentoring the cybersecurity leaders of tomorrow.
Mr. Sean W. Kelley is a former member of the Senior Executive Service and has over 27 years of IT experience in the federal and private sectors. Prior to joining the Federal Government in 2012 (Department of Veterans Affairs and Environmental Protection Agency), he held positions as an Independent Consultant with numerous Healthcare IT companies. He also served in a variety of key IT positions within Navy Medicine, including CIO for the United States Naval Ship (USNS) Comfort during disaster relief for the Haitian earthquake; CIO for Navy Medicine Corporate Headquarters; Director of the Navy Medicine Enterprise IT Program Management Office; and IT Manager for the Office of the Attending Physician to Congress (OAP).
Mr. Kelley has experience in information technology and cybersecurity with a focus on developing strategic planning to achieve business goals. Mr. Kelley is a contributing author for the Computer Security Handbook in Security Policy and the VA’s Cyber Security Strategy White Paper for the White House and Congress that led to the VA’s multi-million-dollar cybersecurity strategy. Mr. Kelley has taught cybersecurity at the Master’s and Bachelor’s degree levels and was a highly regarded SANS Institute On-Demand Instructor and course author. Mr. Kelley was recently named to the FedHealthIT100, “which honors those individuals recognized for driving change and advancement in the Federal Health Information Technology Market.”
Mr. Kelley has a B.S. in Healthcare Management from Southern Illinois University, an M.A. in Computer Resource and Information Management from Webster University, and an M.S. in Information Technology Management from the Naval Postgraduate School in Monterey, CA, with a focus on networking and information assurance. Mr. Kelley studied at the Naval Postgraduate School’s Center for Information Systems Security Studies and Research (CISR). “CISR is America's foremost center for defense-related research and education in software security, Inherently Trustworthy Systems (ITC), Cybersecurity Defense, and the use of computational systems in Cyber Operations.” Mr. Kelley is a Certified Information Systems Security Professional (CISSP) and a Project Management Professional (PMP). Mr. Kelley is also an ICIT Fellow. Members of the ICIT Fellows Program are part of an elite group of experts who are leading the industry with cutting-edge innovation, thought leadership, and advanced technologies.