The secret to a strong cyber defense: Talk about it
As low-tech as it may be, one of the most critical tools for private companies and federal agencies in building a solid cyber defense is a shared public discourse about past experiences protecting against threats — successful or not — Symantec’s Rob Potter believes.
“At the end of the day, cybersecurity is about stories — whether they’re positive or negative,” said Potter, the company’s vice president of sales for the Americas. “If I’m willing to share that, then what that does is gives somebody else a story that they can reference to evolve their security posture.”
Revving up for the 2016 Symantec Government Symposium, Aug. 30 at the Walter E. Washington Convention Center in Washington, D.C., Potter said the biggest value attendees can take away from the symposium, and other such events, is in the candid and seamless collaboration and interaction.
“When you come to an event like this, the No. 1 attraction is the collaboration that goes on amongst people,” he said. “When you can get out there and learn about somebody else’s success and how they were able to address the risks that are out there, that to me is a very compelling reason to go to an event like this. There’s a lot of benefit to being able to listen to someone who’s been through a process and have them talk about what their findings were — being able to hear those people who have been in the heat of some of the most compelling cybersecurity issues.”
The discussion at this year’s symposium, however, may stretch beyond the typical talk of what the current threats are and the latest tech to address it.
“I think what we’re going to see here is really how do you take that intelligence and how do you now make it more actionable for the human side of it? I’m a firm believer in that we’re seeing a transition in cybersecurity where the pendulum is swinging back to that there’s an important human factor here,” Potter said. “We’ve gotten so caught up in the new technology, the new terms, even cyber itself — that and cloud, I’m not sure which one has more definitions. People have come back to the reality of this whole idea that we can solve the workforce problem and the skills problem by just automating everything. We can’t do that. Even with the tightest integration, there are still gaps.”
He added: “Having the ability to expose the right information at the right time and making the prioritization of that very visible to the security operator, that has become the critical piece of it.”
In essence, it’s all about collecting the data — the intelligence — and then making it actionable to the person at the controls, rather than sitting on it, Potter said. “How do you actually go act on it? Where does mitigation take place? Where does recovery take place?”
The Symantec Government Symposium will feature keynotes from two government leaders who have experienced and responded to cyberthreats at their agencies: FBI Director James Comey and Office of Personnel Management acting Director Beth Cobert.
Additionally, Symantec will host a series of quick-paced TED Talks-like presentations called TECH Talks — delivered by Jane Holl Lute, special coordinator for the United Nations, and Nuala O’Connor, president and CEO for the Center for Democracy and Technology — and present its annual Cyber Awards.
To Potter, this event isn’t about marketing the Symantec brand or its products.
“This is not a Symantec pitch, product pitch. This is truly a government forum for people to understand what government agencies are doing and share their experiences,” he said. “This is an investment we consciously make support customers. It’s not an investment we consciously make to sell our products.”
