Governance & Risk Management , Government , Industry Specific

Stanton Gatewood on Why FUD Doesn't Make Businesses Secure

Georgia Cyber Official Shares Why Awareness, Preparedness and Resilience Are Vital
Stanton Gatewood, cybersecurity coordinator for Georgia, CISA

One of Georgia's top cybersecurity officials urges industry leaders to shift conversations with customers from fear, uncertainty and doubt - or FUD - to awareness, preparedness and resilience.

See Also: Securing the Nation: FedRAMP-Authorized Identity Security

Stanton Gatewood says security officials should discuss both user awareness and situational awareness with customers to ensure companies understand what's normal for their network and systems. From there, companies should ensure they have the right technology and personnel to detect a compromise, plus a business continuity or disaster recovery plan that ensures the attack isn't a business-ending event (see: US CISA Official: 'Forcefully Nudge' Users to Adopt MFA).

"People still don't take cybersecurity seriously unless and until they're victims. Then, all of a sudden, it's the worst thing in the world," says Gatewood, who is the U.S. Cybersecurity and Infrastructure Security Agency's cybersecurity coordinator for the state of Georgia. "You should be ready for whatever attack comes along the way."

In this video interview with Information Security Media Group, Gatewood discusses:

  • Why FUD isn't a good way to educate the public about cybersecurity risk;
  • Why confidentiality, integrity and availability are essential to security;
  • How the cybersecurity industry should address impending retirements and brain drain.

Gatewood, a former CISO for the state of Georgia, the Board of Regents of the University System of Georgia and the University of Georgia, has more than 35 years of experience in executive leadership, cybersecurity program management and strategic planning, including the U.S. military, state and federal governments, higher education and several top 10 global corporations. Gatewood also has served as vice president for information technology and as CIO at Albany State University. He has built centers of excellence around cryptography and awareness and training and is a recent nominee to the National Cyber Security Hall of Fame.

About the Author

Michael Novinson

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.