HOT TOPICS >> Cloud computing | Cybersecurity | Gov 2.0 | Fiscal 2012 | Mobile | Transparency | GAO reports
AGENCY NEWS >> Defense | NASA | Homeland Security | NIST | OMB | Veterans Affairs | NARA | GSA
Latest News
Media Partner
Free Newsletter
FierceGovernmentIT tracks the latest technological developments in the U.S. government. Join more than 17,000 federal/state decision makers and IT executives who get FierceGovernmentIT via email. Sign up today!
About | View Sample | Privacy
Whitepapers
- Inside the Federal Cloud: Master the Challenges, Seizing the Opportunities
- IMPROVING THE MANAGEMENT OF FEDERAL GOVERNMENT IT ASSETS THROUGH BETTER COMMUNICATION WITH THE IT INDUSTRY
- Business Intelligence: It's All in the Data
- The E-discovery Toolbox: What you should look for in a unified e-discovery solution
- Innovative Solutions for Database and DBA Management
- The Top 4 Reasons Your Telecom Expense Management Provider Shouldn't Manage Your Wireless
Ross: Defense only goes so far, real cybersecurity is agile
Security breaches are inevitable and no agency can be fully secure in its networks, said Ron Ross, senior computer scientist and information security researcher at the National Institute of Standards and Technology.
A more realistic goal is for government information technology to be resistant; agencies should assess how they operate while under attack to minimize damage, he added while speaking June 15 at a Washington, D.C., event called the Government IT Leadership Forum.
Under the preferred strategy of agile defense, agencies should have a plan for recognizing these malware breaches, bringing back the system to a known, secure state, and quickly removing implanted malware before it is on target long enough to do significant damage, said Ross.
Continuous monitoring, while a critical part of cybersecurity, "is not a strategy, it's a tactic," said Ross. Systems will become infected, at which time, said Ross, a static list of compliance requirements will not be helpful. Ross encouraged attendees to think of cybersecurity as a moving and evolving risk management framework.
Overall, Ross says the federal enterprise architecture desperately needs improvement and overhaul has not been a priority. This is working against government IT from a security standpoint, he said. "You need [cybersecurity] to help enable the mission, not hold it back," he said.
Related Articles:
Lieberman wants to give federal government power over Internet cybersecurity
Is the threat of cyber war exaggerated?
Loose networks sink ships
Bulk power system cannot be fully protected
U.S. electrical grid probed but not yet attacked, says paper
SHARE WITH:
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site Map
| EditorsTHE FIERCEMARKETS NETWORKFierceEnergy | FierceSmartGrid | FierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceHealthPayer | FiercePracticeManagement | FierceEMR | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceGovernment | FierceHomelandSecurity | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceMedicalDevices | FierceDrugDelivery | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceEnterpriseCommunications | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2011 FierceMarkets. All rights reserved. |
 |
