In-Q-Tel CISO Dan Greer Wants Human Touch in Security Loop

Site: Nist.gov

We no longer live in a time where disconnecting critical infrastructure components from the Internet is a viable options, a top security officer from In-Q-Tel told Boston Source conference attendees Wednesday. 

Disconnecting the power grid and water utilities from the Internet for security is good in theory but is is unrealistic in practice, said IQT Chief Information Security Officer Dan Grer, PC Magazine reports. 

People that do not use the Internet will likely rely on someone who does, a Pew Foundation report has found. 

It may seem intuitive to assume critical infrastructure components should not be accessible over the Internet in order to maintain security, but Greer said that is unrealistic.

It may be better in some cases if people still play a role in systems’ security, Greer said. 

All systems should have a manual fallback that would allow humans to step in when necessary, Greer suggested.

He said he wants humans back in the security loop, especially in systems where they have been removed.

Greer cited a financial institution that would only complete his written request if he re-submitted it electronically. 

By completing processes in an automated way, the institution introduces risk, since requests submitted this way do not have a method for signature verification, Greer said. 

Greer highlighted a hospital computer outage where doctors and laboratory personnel were forced to revert to paper for four days.

People with experience in the traditional processes were able to cope while others could not, he said. 

The staff’s ability to complete tasks manually was a huge factor, according to Greer.

He suggests financial institutions as well as others should have the same capabilities.

Shawn Henry, the FBI’s former executive assistant director for cybersecurity, previously suggested the U.S. cybersecurity method is unsustainable

Filed in: Cyber Tags: , , , , ,

You might like:

Glenn Bindley: Redlen Technologies Raises $6M to Develop Radiation Scanners Glenn Bindley: Redlen Technologies Raises $6M to Develop Radiation Scanners
Unisys’ Dave Frymier: Cyber Framework Adoption Requires Standards, Incentives Unisys’ Dave Frymier: Cyber Framework Adoption Requires Standards, Incentives
Alastair Mitchell: In-Q-Tel-Backed Huddle Starts Work on Agency Collaboration Tool Alastair Mitchell: In-Q-Tel-Backed Huddle Starts Work on Agency Collaboration Tool
Bill Stewart: Booz Allen Finds Cyber Attacks the Top Security Concern of Finance CIOs Bill Stewart: Booz Allen Finds Cyber Attacks the Top Security Concern of Finance CIOs

Leave a Reply

Submit Comment

© 2014 ExecutiveBiz. All rights reserved.

A Digest of ExecutiveBiz's Daily Coverage of GovCon

  • Executive Analysis
  • Technology & Innovation
  • Business

Sign up for the ExecutiveBiz Digest