In light of the rapid evolution of current threats to government information, current government cyber culture is making it too easy for hackers to target government information, according to cybersecurity experts.
“We’re making it way too easy,” said Marianne Bailey, principal director in the Office of the Deputy Chief Information Officer for Cybersecurity at the Department of Defense. “Russia, China, Iran, very capable adversaries, we’re making it easy for them.”
Bailey and other government and industry cybersecurity experts spoke Tuesday on a panel that focused on the evolving cyber threats to the nation, and what the government should be doing about them.
RDML Gene F. Price, deputy commander of U.S. Fleet Cyber Command and U.S. 10th Fleet of the U.S. Navy, explained that sophisticated adversaries, such as those sponsored by nation states, are becoming the most common threats to government data.
“We’re not worried so much about teenagers in their parent’s basement; what we now have are people who are trained, who look at what we do, who are very adept,” said Price.
Other panelists addressed the fact that recent threats require a much faster reaction time to mitigate than those of the past.
“Fundamentally, I think we have to embrace the fact that the cyber war and the cyberspace, cyber protection, cyber defense, whatever you want to call it, real time is the only time,” said Gus Hunt, Federal cybersecurity practice lead at Accenture.
“Now we’re seeing where the adversary will move in a matter of hours,” agreed Price. “Our response time has had to increase exponentially just to keep up.”
“We are in this for the long haul,” added Hunt, explaining that this kind of speed and sophistication of attack will continue to be a problem. “We are in a continuous race of capabilities.”
“We would have, I think, a little bit easier job if we focus our resources,” said Bailey. “We have to protect ourselves from that entire spectrum of very, very simple intrusions.”
Many of the panelists pointed to the Internet of Things and Bring Your Own Device policies as areas that pose a major threat, and therefore require cybersecurity focus.
“We need to start focusing on how we’re going to be prepared for that one event that’s going to proliferate and do bad things to the mission because of one device,” said Peter Kim, senior information security officer and director of Task Force Cyber Secure and deputy director of Cyberspace Operations and Warfighting Integration in the U.S. Air Force.
“I think the time is long overdue for a national call to action,” said Hunt.