POSTED MAY 22, 2017 BY MIKE SPINNEY
Working with the Mass Technology Leadership Council (MassTLC) as we do, CHEN has the chance to work on issues that transcend the typical vendor perspective. Often focused on how those issues affect the local technology and innovation community, the issues are those that affect communities across the nation and the blog. Cybersecurity is one example.
Cyber-attacks are growing in scale and sophistication. The recent WannaCry ransomware worm aside, hackers of every stripe are motivated to crack through the walls of digital defense and steal money, information, and intellectual property.
With that threat as a backdrop, MassTLC hosted Rob Joyce, special assistant to the President and White House cybersecurity coordinator—the “U.S. Cyber Czar”—to address a gathering of the Bay State’s leading CISOs and cybersecurity professionals from business, government and academia.
“You will never stop a motivated intruder,” Joyce warned, as a he described a global hacking threat and a world that is largely unprepared to counter the peril.
In government Joyce spoke of the disparity of resources that can leave federal agencies vulnerable. Despite the “massive” investment in cybersecurity, the resources that are available to the Department of Defense are not equal to those at the disposal of the Marine Mammal Commission, he said. And while that disparity was offered to make a point, somewhere in between is the Bureau of Reclamation which is responsible for 40 billion kilowatt hours of annual hydroelectric power generation.
“Do they have the same [cybersecurity] capabilities as the Department of Defense?” Joyce asked, pivoting to the challenge of protecting the nation’s critical infrastructure. “If the power goes down, nothing else can last for long.”
The problem for both the public and private sectors is that there is a dearth of talent available to staff the organizations tasked with protecting data and networks.
Rodney Petersen, director of the National Initiative for Cybersecurity Education (NICE) at the National Institute of Standards and Technology (NIST) laid out the depth of understanding and skills needed and that his agency is working to help address.
“We need professionals [at every level] skilled to function in a digital economy,” Petersen said.
There are more than 300,000 open requisitions for IT security professionals in the U.S. right now, Petersen added, but beyond that everyone needs to be more aware of the threat to themselves and their organizations. NICE is working with employers, individuals and organizations to help build that workforce of the future. At the same time NIST is helping to develop standards in both systems, content and training to ensure that workers receive a consistent level training.
“We are working to help bring communities together to support consistency and to home in on content,” Petersen said.
Joyce and Petersen were on hand for the announcement of MassTLC’s CyberMA threat sharing platform. Part of the nationwide CyberUSAthreat intelligence and information sharing platform, CyberMA enables the region to partner with like-minded people and businesses not just in Massachusetts, but across the nation and to share insights and access to critical, real-time cybersecurity information. Typically available only to larger organizations, the CyberMA threat sharing service is available to Massachusetts businesses of all sizes, giving them a robust capability to strengthen their data security and increase vigilance against cybercrime.
“Massachusetts is a global center of information security leadership and innovation,” Tom Hopcroft, president and CEO, MassTLC said in a written statement. “We live in an interconnected world with sophisticated bad actors. It’s vital that our business community work together proactively to bolster our data security posture and, with it, safeguard our citizens’ privacy and the health of our economy.”