SRA’s Dusty Rhoads and Jim McClave: How to strengthen your company’s cybersecurity

When it comes to cyber attacks, the time for collective resolve is now. Because of low barriers to entry — a group can perpetrate a malware attack without deep expertise or much money — the nature of the threat has invalidated or reduced the effectiveness of current signature-based cyber security protections. The consequences can be devastating. “Industry is starting to realize they’re very much a target of these organized crime elements and group-based threats,” says Jim McClave, vice president and director of SRA’s products and offerings strategic business unit. Recently McClave and Dusty Rhoads, a senior member of SRA’s information assurance and privacy solutions division for the national security sector, shared what their company is doing to strengthen the cyber security posture of its clients — and how your organization can do the same.

What you can do

  1. Be proactive, not reactive. Here’s a typical scenario: An organization is breached, data is exfiltrated, and everybody scrambles to mitigate the problem. “We’re trying to become more proactive versus reactive,” says McClave. “Our view is that a lot of the current cyber security protective technology has holes in it because it basically detects what is already known,” he adds. SRA, by contrast, is repurposing a lot of its internal research and development activity to do anomaly detection. SRA is incorporating that work, as well as other intellectual property such as NetOwl (SRA’s Natural Language Understanding product), into cyber security adaptive network defense reference architectures that are being offered to clients.

  2. Participate with US-CERT. “It’s very important for our industry counterparts to report cyber security-significant events to US-CERT so that a body of knowledge can be built up and exchanged throughout industry,” says McClave. Participation in the IT Industry Security Advisory Council is also key, he adds. Such reporting fosters a holistic understanding of cyber security. Anything less can be disastrous. “You can improve your cyber security posture but create vulnerabilities in other areas,” says McClave, about clinging to a piecemeal approach. “You may make it more difficult for your network to be penetrated but if you have inadequate physical security controls, background checks, etc., a person may still be able to get into your organization,” he adds. McClave recommends a routine exchange of best practices with US-CERT, the IT Industry Security Advisory Council, and with its Government Security Operations Center engagements.
  3. Invest in your people. “The weakest link in any computer system is the individual sitting in front of the keyboard,” says Rhoads. “I would suggest spending a lot more money on training individuals on what the threats are, how to recognize them, what not to do, what is safe and what is not,” he adds. Simple reminders on a regular basis, training that is based on specific and personal examples to bring home, and training focused on the younger employees who live on cyber devices, are key. At a company or department/agency level, training could include entry-level cyber security training courses for all personnel. For administrators, “boot camps” focused on the latest IT and IA certifications required by government can be very useful. Such training would acquaint participants with best practices, certifications such as CISSP and ethical hacking. A company should also consider an exchange program where employees focused on one client site go to another for a half day exchange of ideas about strengthening security operations centers. At the government level these exchanges could be for six months or more.

What are you doing to strengthen your organization’s internal cyber security efforts? Share your comments here.

One Response to "SRA’s Dusty Rhoads and Jim McClave: How to strengthen your company’s cybersecurity"

  1. I work for a company that has been in network security for over a decade, Blue Ridge Networks, which got its start securing communications among offices and people–VPN, leveraging the strongest forms of cryptography available and practical. In all this time, not one breach, not even a reported vulnerability. Our experience with national security, finance, and other target-rich organizations led us to the paramount importance of securing the endpoints of an organization. Far too much attention is focused on the network. But, that’s a long digression.

    I agree that training employees has value. However, employees have been taught not to open email attachments for eons or visit strange websites; they still do. The greatest priority for preventing data leaks from an organization is securing the endpoints with greater control, audit, and protection, while minimizing dependence on employees making sound security decisions. Control/audit means hardening configuration settings where practical, preventing unauthorized changes, and constantly looking for them. Protection means moving beyond the technologies created over a decade ago to stop malware attacks. Signature-based solutions stop OLD malware, for which nearly any OLD malware sample can be re-crafted into a NEW sample in minutes. Organizations need to get their collective heads out of their … past, and onto new ways to protect PCs. Lastly, IT folk should focus on the usability and operational burden of the anti-malware systems they evaluate. This is far more important than most realize.

© 2014 ExecutiveBiz. All rights reserved.