Continuous Diagnostics: A Game Changer
DHS's Cybersecurity Leader Addresses IT Security Challenges
With continuous diagnostics, Schneck says, "Every time traffic passes through your network, you're learning about it, like your body's immune system. You're fighting that cold and you have that ability to share those antibodies with all of your federal agency partners. And, you don't have to write that document, so you're freeing up resources to hunt for the more harmful adversaries. This will hurt the adversary profit model."
DHS is helping federal agencies implement continuous diagnostics and mitigation, the government's term for continuous monitoring, which is replacing the check-box compliance regimen used for the past dozen years to show that IT systems are security compliant. Continuous monitoring reveals in near real time whether systems are vulnerable, something the paper-based process couldn't accomplish, Schneck says in an interview at the RSA Conference 2014.
Under the Federal Information Security Management Act, agencies spent millions upon millions of dollars over the past 12 years to create compliance documents that addressed the state of network security at a specific point in time. "And, probably, many of those are never read again," Schneck says.
In the interview, Schneck also addresses:
- DHS's efforts to help government agencies and the private sector to implement the cybersecurity framework (see DHS Offers Incentive to Adopt Framework);
- The need to reform FISMA, the law that governs federal government IT security; and
- Cyberthreat information sharing initiatives between the federal government and the private sector.
Schneck says she knows situations exist when neither government nor business can share cyberthreat information with one another, but that isn't stopping the government from pursuing new ways to facilitate information sharing. She says governments at times withhold cyberthreat information if officials believe it could tip off attackers, and businesses do so for fear of exposing themselves to liability lawsuits. But legislation before Congress, if enacted, could help mitigate businesses' concerns.
In September, Schneck became deputy undersecretary for cybersecurity after spending years at McAfee, now known as Intel Security, most recently as chief technology officer for the public sector (see It's Official: Schneck Takes DHS Post). Unlike her predecessors - Bruce McConnell, Mark Weatherford and Philip Reitinger - Schneck has a strong academic and research background, having earned a Ph.D. in computer science from Georgia Tech. She holds three patents in high-performance and adaptive information security and has six research publications in the areas of information security, real-time systems, telecom and software engineering. Before becoming McAfee's public sector CTO, Schneck served as the company's vice president of threat intelligence.