Government, business need new general on cyberbattlefield. Reprinted with permission from the Washington Business Journal.

1. washingtonbusinessjournal.com January 13-19,2012
FedBizExtra
Expert Insight
Government, business need new general on cyberbattlefield
By Christopher Ling and equipping the network team, while the cluding malware analysis to understand the
CISO directs the action on the actual cyber- attack. In addition, cyber and industry/gov-
T
he crown jewels of capitalism — the battlefield, directly monitoring and engag- ernment experts on the team will assess the
innovative ideas that drive competi- ing the enemy. The two counterbalance each risk generated by the attack, and reverse en-
tion and bring nations, companies other, and the ultimate cost-benefit decisions gineering will fix the weakness and strength-
and individuals to the forefront of accom- are made at a higher level, in the C-suite in en the broader network.
plishment — are being stolen, one by one, at the commercial world or a different structure ● Evolutionary response: The team must
an increasingly faster pace. to accommodate government operations. conduct ongoing vulnerability assessments,
As the list of government agencies and CISOs can operate at all levels of an orga- examine proven best practices and develop
companies victimized by hacking grows each nization, and the good ones will end up ruf- comprehensive response strategies to keep
week, it is clear that no network is complete- fling a few feathers to drive new thinking and the defensive posture at its greatest strength
ly impenetrable. To thwart these attacks, one a focused commitment on cyberprotection. at any given moment.
must embrace a defense that embodies the Today’s sophisticated cyberattacks call ● Institutional improvements: These are
same aggressive and methodical approach as for a response that integrates the best knowl- efforts that require discipline and focus to
our cyber-adversaries use against us today. edge of a given company or government ensure the cyberprotection is fully integrated
And that includes finding the right people to agency — concerning the most precious and all parts are operating effectively. They
lead a dynamic defense — one designed to secrets, the unique operational and business will provide constant attention to cyberpol-
continuously evolve as the threats change. requirements — and the best experts in the icy, operations, new technologies, manage-
While many of today’s networks are techniques of cyberdefense. ment techniques and the recruiting and train-
largely run by chief information officers, the A cybersecurity operations center, man- ing the best cyber workforce.
CIO’s primary focus is on efficiency. Need aged separately from the CIO’s network Those capabilities can be eroded if the pri-
to meet today’s skyrocketing data manage- operations center, should focus on four key mary network focus is on efficiency alone.
ment requirements at lower costs? The CIO areas of intelligence and response. And admittedly, in today’s economic envi-
can do it. Need to defend against insidious ● Threat vector intelligence: This ap- ronment, efficiency is a strong argument.
attackers who are feeding off the best ideas proach takes virus-scan programs to a high- But the more powerful counterargument
of governments and companies? The focus er level. Not only does the process detect is the skyrocketing cost that nations will
must be on effectiveness, and the CIO needs known threats or attack types, but it also endure if we don’t adopt a more effective
help. serves as an active, continuous presence on way to combat cybercrime. Certain foreign
Unique challenges require a unique lead- the Internet to gain situational awareness of governments and individual cybercriminals
er: A chief information security officer can what’s happening and what’s changing. This are not just taking our ideas; they’ll soon be
serve as the powerful tactical general on the enhanced approach monitors trends and de- using them against us to win in the global
cyberbattlefield. But how many organiza- velops insights into new and emerging threat marketplace. As the daily headlines remind
tions have a CISO? And, if they do, what sets. Protection against just known threats us, cybersecurity isn’t something on which
resources are available to them? may be helpful at home, but won’t fully pro- anyone can “declare victory,” but with the
The best organizations will have both a tect a corporate brain trust. right approach we can avoid defeat.
CIO and a CISO working closely together. ● Rapid response: Every second counts, Christopher Ling is a Senior Vice President at Booz
The CIO serves in a role analogous to the and the best response teams will be capable Allen Hamilton and leads the firm’s cyber military op-
military’s armed services, creating, training of conducting a full analysis life cycle, in- erations business.
Reprinted with permission from the Washington Business Journal. ©2012, all rights reserved. Reprinted by Scoop ReprintSource 1-800-767-3263.