The Public Eye with Eric Chabrow

4 Out-of-the-Norm Cybersecurity Challenges

4 Out-of-the-Norm Cybersecurity Challenges

"I don't have three; I have 23 that keep me up at night," Carey told the gathering of federal cybersecurity professionals and managers.

His challenges aren't the typical ones, but they wouldn't surprise those who know Carey, one of the first federal chief information officers to blog and a big advocate of government agencies employing Web 2.0 technologies if they can be secured.

In my world, people like to go really slow, but the Internet won't allow that. 

Challenge 1: Culture

Getting non-tech decision-makers to live and breathe cybersecurity. The least cybersecurity smart are the military's top brass who can be found in the offices in the Pentagon's "E" ring, the outer perimeter of the Defense Department's headquarters with a view of the outside world. "They're the decision makers," Carey said "The higher they go, the less they know (knowing laughter). ... You have to convince them to get behind (cybersecurity) so all the others who don't do this for living get it."

Another cultural challenge: the Millennials. True, they're tech savvy, and they want to bring their portable devices to work. But many in this under 30 crowd are just too trusting when it comes to technology. "Cyber(security) is not something they jump at right away," Carey said.

Challenge 2: Pace of Change

"Social networking, Web 2.0, Web 3.0 are here to stay," Carey said. "In my world, people like to go really slow, but the Internet won't allow that. The Internet moves at the pace of the Internet, and not the pace that you want to. The young kids you hire are doing things you don't like. ... (But) you'll need to harness that.

"We do podcasts, wikis ... and that makes certain folks nervous. But cybersecurity has to evolve with that pace of change. ... Don't be the guy to slow things down. Rather, partner with them to deliver the proper levels of security."

Challenge 3: Identity Management

"The heart of cybersecurity is who I am," Carey said. "What is Rob allowed to do? Ultimately, how I validate who I am. I can access things and not certain other things. It's the lynchpin."

Identity management is crucial in organizations such as the Navy that has 900,000 folks, each with specific responsibilities that need to be recognized by various systems and applications in order to defend the nation.

Though the panelist were asked to provide three challenges, Carey offered another one.

Challenge 4: Wireless

A few years back, as an experiment, the Navy distributed Blackberries to officials, including flag officers. When the experiment was over, Carey recalled, nobody gave them back.

"A web-enabled world at your fingertips makes the wireless component of cybersecurity huge," Carey said. "If my boss is a big fan of a certain vendor's device, I've got to figure out how he can use it. At the end of the day, people don't want to be tethered to their desks. They want to be able to get information they're authorized to.

"That realm is on the table today. We have to understand the network is connected to wireless as well as the ivory-tower building. We need to be mindful of that."

About the Author

Eric Chabrow

Eric Chabrow

Retired Executive Editor, GovInfoSecurity

Chabrow, who retired at the end of 2017, hosted and produced the semi-weekly podcast ISMG Security Report and oversaw ISMG's GovInfoSecurity and InfoRiskToday. He's a veteran multimedia journalist who has covered information technology, government and business.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.