in

Cyber Security expert at Deloitte's Federal Government Services, Colonel Gary McAlum, Discusses The Global Increase In Cyber Crime And Urges Government Contractors To Become More Aware Of The Global Threat of Cyber Crime

Cyber Security expert at Deloitte's Federal Government Services, Colonel Gary McAlum, Discusses The Global Increase In Cyber Crime And Urges Government Contractors To Become More Aware Of The Global Threat of Cyber Crime - top government contractors - best government contracting event
Gary McAlum
ExecutiveBiz had the pleasure of interviewing with Deloitte’s Colonel Gary McAlum, a cybersecurity expert and former chief of staff of US Strategic Command’s Joint Task Force Global Operations. Col. McAlum has testified before Congress for the US-China Economic and Security Review Commission, Col. McAlum believes that cyber crime has begun to play an increasing role in the global economy and that lawmakers should respond to this growing threat. Col. McAlum also applauds President Obama for building upon cybersecurity

Gary McAlum
Gary McAlum

initiatives from the previous administration which Col. McAlum believes will now increase public awareness of cyber crime and other cybersecurity threats.

ExecutiveBiz: Some Experts believe President Obama is building upon what was being done in the previous Administration, do you agree?

Col. Gary McAlum: Absolutely. You can go back as far as 1998, with the Presidential Decision Directive #63 that was signed by President Clinton recognizing our dependence on critical infrastructure. Then with the Comprehensive National Cybersecurity Initiative back in January of 2008 – I think a lot of mechanisms have been put in place to accelerate the focus on this issue. The current Administration has reaffirmed our dependence on this digital infrastructure that supports our national security and our economy, and takes it to another level when the President stated that it would be a key management priority for his Administration and he would use metrics to measure performance.

ExecutiveBiz: How is Deloitte preparing for the Administration’s focus on cybersecurity?

Col. Gary McAlum: Deloitte definitely believes this is a strategic issue and that it is something bigger than just a traditional information security problem for a Chief Information Security Officer or CIO to deal with – it’s a significant leadership challenge. One of the things that we continue to do is assess the legislative, policy and operational cybersecurity environment for the broader implications so that we can best support our federal clients with holistic solutions to their challenges. That’s something to remember — that while all of this is playing out in terms of the future, federal agencies have to deal with today’s problems. Looking at our capabilities internally and determining how we can leverage those to assist is a key part of what we are focusing on at Deloitte.

ExecutiveBiz: What do you think of the role of the Cyber Coordinator, Department of Defense’s new CYBERCOM should be?

Col. Gary McAlum: President Obama clearly stated that the federal government today is not organized well for dealing with the challenges of cybersecurity. The first thing the White House Cybersecurity Coordinator is going to have to do is work on a holistic national cybersecurity strategy that is truly synchronized across the federal government – that should be priority one. Regarding DoD’s new Cyber Command that organization will continue to build on what has already been occurring under U.S. Strategic Command for the past several years. So, this organizational change, while significant, is more evolutionary than revolutionary. The primary focus will continue to be on the “.mil” environment but undoubtedly there will be more emphasis on cybersecurity unity of effort across the federal government.

ExecutiveBiz: I saw that you were on the U.S. China Economics and Security Review Committee. How big of a threat is this from foreign countries?

Col. Gary McAlum: It’s no secret that nation states have foreign intelligence services, and that they have a variety of capabilities that they will use to gain information and intelligence, including accessing communications networks. So while this is a serious threat, it’s one that has been around for a long time. I think the bigger threat for most people comes from the threat of cyber crime. There is a significant amount of profit-driven cyber criminal activity going on all around us, particularly focused on data theft ranging from personal identity and financial information to obtaining organizational intellectual property. Organizations, especially financial, are being heavily targeted and successfully exploited in many cases. The cyber crime economy is exploding because of the profit margin that they are able to realize. Cyber crime involves not only traditional organized crime but new enterprises that are focused on leveraging technology and tools, as well as hiring very skilled people to conduct everything from online fraud to data theft and, in some cases, extortion. The cyber crime impact of what is happening today on a global scale is just as much of a concern to me as the most sophisticated threats on the far right of that spectrum.

ExecutiveBiz: What do you think the role of government contractors should be with the new emphasis on cyber security in the new Administration?

Col. Gary McAlum: The federal government hasn’t always done a very good job of defining what they need contractors to do and what level of performance they need to provide in the area of cybersecurity. However, you are going to see acquisition regulations being modified and contracts modified over time to be much more specific, and companies will continue to provide highly skilled and certified personnel. All of which is good and needed. However, contractors should continue to realize that they are being targeted by the same cyber threats that are focused on government networks by virtue that they are doing business with the government. They should focus on securing their networks and protecting information as much as the government is trying to do and, wherever possible, demonstrate excellence and innovation.


“Cyber crime involves not only traditional organized crime but new enterprises that are focused on leveraging technology and tools, as well as hiring very skilled people to conduct everything from online fraud to data theft and, in some cases, extortion. The cyber crime impact of what is happening today on a global scale is just as much of a concern to me as the most sophisticated threats on the far right of that spectrum” -Col. Gary McAlum


ExecutiveBiz: Do you think monetary incentives are needed, like insurance or tax breaks?

Col. Gary McAlum: There are a lot of ways to incentivize cybersecurity improvements but the more fundamental issue is having a clear definition of exactly what that means. Today, there is no common understanding of what defines success and how it is measured. Accepted standards and metrics are critical in this discussion of incentives and only make sense when you can point to a cybersecurity standard that clearly demonstrates how well one company stacks up against others. We can’t do that today. It’s little bit like car crash ratings in Consumer Reports. When prospective car buyers see how well a car does or doesn’t do in a crash test they are going to make value-based decisions more often than not. Wherever possible, they will probably pay more for a car that is safer. But the key is there are common standards and metrics involved in assessing the safety of automobiles. We need to get to the same type of standardized approach with cybersecurity. Once we understand what we are measuring and then normalize that across the private sector, the private market will drive performance improvements. When that happens, those companies and service providers that don’t do as well may go out of business or they will have to raise their standards. The free market is going to drive this area and some of that might be driven by tax breaks and incentives.

ExecutiveBiz: Where do you see the future of cybersecurity?

Col. Gary McAlum: In the next five years the level of public awareness is going to go way up, and that’s a good thing. Once you get outside the beltway, there is not a lot of understanding what this complex issue means to the average digital citizen, yet they are very much affected. We are right at the beginning of a process where you are going to see a lot more activity on a national level basis, kind of like the seat belt ads and anti-drug campaigns. You are going to see activities centered around raising the level of end user awareness, the private citizens who operating on this network that pretty much permeates all aspects of our lives; whether it’s using cell phones, texting, to doing online banking and shopping. Today the level of awareness is not where it needs to be, you are going to see that as an area of significant improvement in the next five years.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity News

mm

Written by Admin

Highlights From BlackHat And DefCon: Glitches, Spies and Recruiters
New Use for An Old Medicine - top government contractors - best government contracting event
New Use for An Old Medicine