Each year, Loyola College recognizes information technology thought leaders who have made an impact in the field with the Lattanze Executive of the Year Award.
Dr. Phyllis Schneck, McAfee’s chief technology officer for the global public sector, recently received the award for technical vision for applications of global threat intelligence and cyber security efforts.
Schneck has more than 14 years of technical and policy experience in cyber security and infrastructure protection.
She told TheNewNewInternet that a fellow McAfee colleague nominated her for the Lattanze award and that made it even more significant on a personal level.
Schneck said the award is part of Loyola's Sellinger Business School program, which is planning to combine its IT and cyber curriculum in order to create a more holistic program.
Receiving such an award accounts for Schneck's upbringing, where she said she was surrounded by computer science and related experiences.
Schneck spent time at NASA, where her father was also employed before he became the founding director of the supercomputing research center at IDA.
He taught her the power of technology and the necessity of maintaining balance between new technologies and what it takes to protect those systems.
“My father designed and used some of the most powerful computers on the planet,” she said. “He took the time to tell me how they worked, and to explain the ethics needed in a world driven by computing in a time when so many enterprises were very vulnerable. I was always very proud of my Dad so I actually listened.”
While Schneck has been recognized for her contributions to the security field, the company she hails from is set to begin expanding its offerings to the security space at the hardware level.
Intel acquired McAfee early in 2011, and with the new parent company, McAfee now has the opportunity to co-design security directly into hardware, she said.
Schneck said the firm will be able to build security into systems early in their development, instead of having to band-aid systems' vulnerabilities later on.
McAfee is a global business and Schneck supports the public sector business supporting federal, state and local governments worldwide.
Each public entity McAfee supports faces similar threats, ranging from economic threats to kinetic cyber events, she said.
McAfee works to provide customers protection by studying all aspects of cybersecurity technology, she said, ranging from the behavior of the adversaries to the new methods of interaction with computer hardware.
“We are the world's largest security company, and we take that responsibility very seriously for our customers, country and global community,” Schneck said.
Organizations remain very vulnerable to quiet, insidious intruders, who enter a system and copy the information they want while often unnoticed.
Schneck said intruders of this kind steal organizations' information without notice, moving money and markets between companies and countries, changing world economies forever.
“Someone stealing a car is far more noticeable than someone stealing military, economics or war secrets through cyber espionage,“ Schneck said.
Kinetic threats can result from vulnerabilities in the electric grid and the critical infrastructure.
Good housekeeping mitigates most threats, Schneck said.
“We need greater incentives, potentially in the form of affordable cybersecurity insurance or tax reforms to invest up-front in quality cybersecurity,” she said. “This is not an area where regulation is going to help — the world needs more innovation.”
Installing basic security programs, using strong passwords or applying whitelisting methods that only allow good programs to be run can largely protect organizations, she said.
“It's the quiet, insidious insider that really takes a lot of effort to find since they have no legal boundaries and are often nation-state funded,“ Schneck said. “The skilled and resourced cyber adversary is a formidable opponent that sports an agility that only comes with a lack of legal, competitive, political and financial boundaries.“
As government agencies plan to migrate systems to the cloud, Schneck said the major focus and challenge then transitions to protecting data in motion and at rest instead of just data residing in one location.
Schneck described cloud as a connected and glorified, but efficient mainframe that shares cost, space, electricity and energy.
The challenge in sharing data centers is keeping agencies' data confidential, separate from others' data and secure.
Schneck said agencies should ensure their data is encrypted so that unauthorized users cannot access it, but encourages embracing new means of efficiency with the right protections.
In the end security is not an IT issue — it is actually a boardroom and executive issue, Schneck said.
Cybersecurity is about risk mitigation and setting acceptable levels of risk.
From there, it is about determining the best economies of scale to protect the organization and the infrastructure and data therein, she added.
“Done correctly, cybersecurity is a business enabler, which is one of the key messages I think students at the Lattanze center are developing,“ Schneck said. “It truly was an honor to meet the Loyola Faculty and students and to receive this award.“