Lynn DeCourcey oversees the cybersecurity line of business at NJVC in her role of vice president and general manager.
In this role, she led a team at NJVC that developed a cyber dashboard for users to view information on potential threats on a single console and the tool was selected in 2011 for the (ISC)² Government Information Security Leadership Awards Team Award.
In this conversation with ExecutiveBiz, DeCourcey discusses efforts by GovCon firms like NJVC and their agency partners to build up the future computer security workforce and how the role she believes industry will play in the Defense Department‘s new cyber defense strategy.
ExecutiveBiz: How have priorities for information security at agencies shifted?
Lynn DeCourcey: The top two talked about priorities are the need for cybersecurity talent and secure IT services that coincide and enable mission need and operations. With regard to cybersecurity talent, the pool of talent must be expanded and the lifecycle of cybersecurity subject matter experts must evolve.
Attracting and selecting the talent that currently exists must happen more quickly. Engaging and retaining the talent should be put into a perspective that realizes that the talent will move toward the challenges and opportunities of the day.
Raising awareness and understanding of the discipline and the career field to grow the talent pool is critical for the security of our nation. From a cyber business perspective, there are fewer pure play cyber opportunities; and this isn't necessarily a negative trend. What we are seeing are more secure information technology services acquisition requests that tie back to the secure empowerment of mission and operations.
ExecutiveBiz: How do you see industry participating in DoD's new cyber strategy?
Lynn DeCourcey: The strategy gives us a real opportunity to focus on not only innovation but automation. One appealing thing about the new strategy is the renewed focus on the acceleration of research and development of cyber capabilities. The strategy focus includes basic and applied research to develop leap-ahead cyber technologies that are iterated in the 2008 and 2009 versions of the Comprehensive National Cybersecurity Initiative.
In the current release, the emphasis on collaboration between government and private industry is an invitation that industry also recognizes as critical. This collaboration allows for more efficient, cost effective avenues to not only innovate but also automate.
It is the automation that will help to solve the talent scarcity that is not only about supply and demand. At NJVC, our cybersecurity professionals leverage automation to manage the mundane in order to actively address the anomalies.
ExecutiveBiz: Where can industry and agencies collaborate to recruit new cyber staff?
Lynn DeCourcey: A credible resource that is available today is the National Initiative for Cybersecurity Education. NICE has done a fantastic job covering the training, education and awareness landscape.
NJVC has been successful in leveraging the workforce component of the framework to integrate with our corporate culture as we define, build and capacitate careers for our cybersecurity professionals who protect our nation from existing and emerging challenges.
ExecutiveBiz: What particular skills and attributes are needed from that talent base?
Lynn DeCourcey: Generally speaking, the most effective cybersecurity professionals have both business and technical acumen, knowledge and skills. In any environment, it is important to be able to recognize and offer solutions for technical gaps, such as vulnerabilities or threat vectors, just as it is important to understand business and mission needs and the very often fine balancing act of coexistence between the entities.
Overlaps between or among technology and business can be inefficiencies. Build a solid technology foundation, strive for multi-disciplined holistic vision and keep current with technology and business best practices.
ExecutiveBiz: What other cyber trend do you have your eye on?
Lynn DeCourcey: One of the trends that we are watching closely at NJVC is the Internet of Things. The evolution of the Internet, from the early days of fixed connectivity to mobile connectivity and now the proliferation of connected assets and devices, presents many new challenges for cybersecurity professionals.
The challenge is for us to continue to innovate, automate and reduce the time between detect and react to the ultimate end state of preempt and prevent.