Thinking Like a Hacker: Dickie George, Technical Director of Information Assurance, National Security Agency
As the government adds more functionality to its information system and application, the opportunity for attackers to hack federal IT also increases.
"We are notorious for always need new types of functionality," Dickie George, the National Security Agency's Information Assurance Directorate technical director, said in an interview with GovInfoSecurity.com (see transcript below). "It is a real trade off. You always want the functionality and you always know that you are providing opportunities so you need to take that into account and try to build in additional security every time. It is a race."
Are we winning the race? Read on for George's answer.
In the first of a two-part interview with GovInfoSecurity.com's Eric Chabrow, George discusses:
- The strength of today's technologies that assure the security of the federal government's civilian, intelligence and military information systems and networks.
- New information assurance technologies coming down the pipeline.
- Whether the government is winning the race to adequately secure its systems from those seeking to infiltrate them.
In part two of the interview, George discusses the challenge of recruiting qualified IT security experts for government.
George began at the National Security Agency in August 1970 after graduating from Dartmouth College. He started in the Crypto-Math Intern Program, having tours in Research, the SIGINT Directorate and the Information Assurance Directorate's predecessor organization. Except for a tour in the Signals Intelligence Directorate and one at the Center for Communications Research in Princeton, he has worked in the Information Assurance Directorate's since 1973, and has served as its technical director since 2003.
ERIC CHABROW: How strong are today's technologies to assure the security of the information in civilian, military and intelligence networks and systems?
DICKIE GEORGE: The technologies are getting better. The certainly provide a level of security that we haven't seen before. They have to be used correctly and that is really the key. You have to layer security together to cover all of the bases and you have to have users that are capable of using them in a away that they get the assurance that they need.
CHABROW: When you say layer security together, what do you mean by that?
GEORGE: You don't want to rely on one piece of equipment all by itself. You need to have an operating system that is configured correctly. You need to have boundary protection, a firewall. Depending on what your needs are, you have to have antivirus protection, you have to take advantage of the technology that is available to provide the levels of assurance that you need against all of the threats that are present in today's world.
CHABROW: Is there a way you could sort of illustrate this? Maybe in a sense of showing what NSA is doing in relationship to layering these various pieces together?
GEORGE: It starts with the architecture and the policy. In a given environment, there is a threat that you are concerned about and typically there is a large number of threats. You need to try to address all of those threats by putting adequate protection in place. Boundary protection might keep a threat out, but if the threat is already in the inside then you need to have other layers of protection. You need to have antivirus to try to catch something that is happening. You need to make sure that you aren't allowing something in. If you get encrypted mail, the firewall is not going to see it, so you need to have something else that is going to check once it is decrypted to make sure that nothing bad is happening
You really need to ensure that you have covered all of the bases of what the threat environment is like. And that threat environment has changed so dramatically over the years, basically because of the change in the access. We have functionality today that provides a lot more access for hackers or criminals that they never had in the past and functionality that is present in today's technology allows them to do things that they wouldn't have been able to do 15 or 20 years ago.
CHABROW: What kind of new information assurance technologies do you see in the pipeline that can help?
GEORGE: There are occasionally radical shifts in the type of technology that is available. More often than that, it is an evolution where the products are not all that changed but they are providing additional layers of security.