Government and industry cybersecurity experts gathered in Washington, D.C., Tuesday to share ideas about how to confront one of the most pressing challenges in IT security: the complexity stemming from the growth of mobile and cloud technologies and the skyrocketing increase in connected devices, known as the Internet-of-Things.
“Reducing complexity reduces our attack surface,” said Patrick Dowd, the chief technical officer at the National Security Agency, during a keynote presentation at Intel Security’s Security Through Innovation Summit. “Understanding what’s going on in your environment is the first step to securing it,” Dowd said in an interview with FedScoop. Simply installing security devices throughout a fragmented architecture is “really just shooting in the dark,” he said.
If a new security tool cannot be integrated “so that it can contribute to our understanding of our environment, along with everything else that we’ve got, it’s useless,” Dowd said.
Even the NSA, which is considered the most advanced cyber attack and cyber defense organization in the world, has undergone a massive “realignment” to better deal with growing complexity in its IT environment, Dowd said. The agency basically created three clouds: a utility cloud, a data cloud and a storage cloud, with users connected through thin clients. What Dowd calls “smart big data” provides granular authentication and authorization across the spectrum of people, systems and data. The NSA’s physical and logical consolidation efforts have allowed security staff to “drive down the noise” on the network and analyze what is actually happening in real time.
Federal and industry executives also discussed the challenges of integrating the Department of Homeland Security’s continuous diagnostics and mitigation, or CDM, program into their own security systems.
Martin Stanley, cybersecurity assurance branch chief of DHS’ Federal Network Resilience, said that the program is meant to give federal agencies a better assessment of what their security posture is and where to focus resources.
Most agencies already have some kind of security framework in place, said Matt Brown, vice president of homeland security at the Knowledge Consulting Group. But one of the big changes on the horizon is that “most environments are going to go from one scan every 30 days or 60 days or whenever there’s a point-in-time accreditation to every 72 hours.”
“That’s going to really change some of the communication lines between the security office and the IT communications office. And I think that’s a big culture shift that folks need to prepare for,” he said.
Lt. William Walders, chief information officer at Walter Reed National Military Medical Center, said that he’s seen how an adversarial dynamic can develop between security and IT staffers. And because of that, “you need something like this – the framework methodology, the toolset,” Walders said.