Gary Gagnon joined The MITRE Corporation 24 years ago and has been working mostly in information security. Today, he is the corporate director for cybersecurity, responsible for defining the corporate strategy for cyber as well as managing its execution. Additionally, Gagnon leads security efforts related to MITRE’s IT infrastructure. Here, he talks to The New New Internet about MITRE’s latest cyber efforts, the biggest cyber threat today and recruiting top talent.
The New New Internet: An important consideration in cybersecurity is making sure that adequate security exists while still providing information to the people who need it. How does MITRE look to handle this issue?
Gary Gagnon: What we’ve come to realize over the years is that it’s really, fundamentally, about your architecture and how you design your networks. We think, at this point, that the adversaries we are seeing on the Internet are so determined to compromise systems that they’ll eventually get in. The only way to address this problem is through a redefined architecture, which protects your most sensitive data from that connection to the Internet. We talk about things like resilient secure architecture with zones of trust built into the architecture.
The New New Internet: What are some of the major cybersecurity efforts currently underway at MITRE?
Gary Gagnon: We are trying to reach out to the larger cybersecurity community about how you would redesign systems. How would you even talk about this in a common way: What’s the taxonomy and framework? How would you design these resilient architectures? So, not only are we thinking about ourselves and our internal architecture but we’re trying to engage the larger cyber community in a dialogue on how these new architectures would look and what their attributes should be.
The New New Internet: I understand that MITRE is running on Honeyclient as a method to fight malware distributors. Can you elaborate on that?
Gary Gagnon: The Honeyclient was a research activity that was started a few years ago. It was designed to combat the problem of email messages that users would receive with embedded links to external websites. Once somebody inside an organization clicked on that web link, their browser would go out to that site and it would compromise their computer. So, we introduced a research prototype to ferret out malware such as Internet worms. If the Honeyclient finds changes to sensitive system files or keys, it flags the URL as potentially malicious. We’re pleased to say that we believe commercial industry has picked up on this concept and there are products that are emerging now that do very similar things.
The New New Internet: What do you see as the biggest threat in cyberspace?
Gary Gagnon: I think it is economic. Opponents are attacking systems at an increasing rate. From a defensive side, this costs businesses a lot of money not only for protection strategies but also for cleanup. We somehow have to get our arms around this issue. We have to find a way to raise the costs for our opponents while not significantly raising the costs for our defenders.
The New New Internet: How important do you think the Cyber Command and Gen. Alexander as commander are to ongoing cybersecurity efforts?
Gary Gagnon: I think those were seminal events in that they really focused the attention of senior levels of both the military and the federal government on this topic. I’ve been in the business for a while and security has always been important, but this seems to have really raised it to a new level. It should go a long way in helping to develop coordinated strategies on how to deal with this topic.
The New New Internet: There has been a lot of talk about the lack of skilled cybersecurity experts. How does MITRE attempt to recruit and retain top talent?
Gary Gagnon: Yes, it is problem. We are reaching out to academia to identify those institutions that are providing students with cutting-edge programs in cybersecurity. One of the programs we partner with is Scholarship For Service, funded by the National Science Foundation to aid undergraduate and graduate students in this field. Inside MITRE, we think that every system engineer needs to understand cyber and how to incorporate it into their discipline. We want to have cyber be in the DNA of the MITRE system engineering brand.
The New New Internet: What has been your greatest challenge in the cybersecurity field?
Gary Gagnon: Talent. Finding qualified individuals who really understand the ins and outs of how to defend against cyber attacks has and will continue to be a challenge in the years ahead. Also, helping to motivate commercial industry to develop new and innovative products in this space. Many of the products that are out there today have been around for a while. I think we need some new thinking. We talked about what you do after first contact with your opponent. What might some products look like that help you in an agile defensive strategy?