United We Stand-Divided: Cyber Free Fall?
"Pushing the envelope" has meant many things over the years. Boundaries range from space, where a test pilot in a fighter jet first dared to reach beyond Earth's gravity, to the laboratory, where researchers have vied for critical scientific breakthroughs that change lives. But now that envelope has expanded to include the ethereal realm of cyberspace and cyberattacks, and with the expansion, the recognition that only together will the separate organizations succeed in overcoming threats. The new U.S. National Cybersecurity and Communications Integration Center (NCCIC), under the DHS umbrella, aims at being the one-stop shop for monitoring and protecting U.S. cyber infrastructure and networks. What's needed for success? Expanding the public-private sector cooperation already underway at the center. Executive Editor Maryann Lawlor examines this cooperative mission and other NCCIC goals in her article, "Center Fortifies Cyberspace Front Line," in this month's issue of SIGNAL Magazine. NCCIC is built to accommodate representatives from numerous organizations, but DHS currently focuses heavily on the federal executive civilian branch-the .gov domain. It works best, however, when government and industry personnel work as a team. To accommodate a cooperative environment, the impressive center has a three-tier classified watch floor featuring a knowledge wall and 61 computer stations staffed 24/7. One NCCIC tool is the EINSTEIN program, a US-CERT automated process that manages security information across the federal government. The center also has a malware lab where experts examine and mitigate threats. To protect nongovernment-owned infrastructure, NCCIC's operations center is already interoperating with some government agencies and corporate entities. According to DHS' Rear Adm. Michael A. Brown, USN, deputy assistant secretary for cyber security and communications, the next few months will be spent determining how best to operate together:
We are merging and synchronizing operations, as opposed to merging the organizations, and that's just the beginning. There is a lot more we want to do with the public-private partnership in building out capabilities and capacity.
The cybersecurity realm also calls for a rare breed of professionals with a unique skill set, and they're hard to find. DHS has increased the number of cybersecurity professionals it's hiring, Adm. Brown says:
We're looking for analysts and engineers who can work together. And we're not the only ones who are looking for these skills; both the private sector and other government organizations are looking for these professionals, and that's the challenge-people.
Personnel are the most important part of the cybersecurity equation, along with the best technologies, which they require to do their jobs right. NCCIC plans to ensure that no matter how much further the envelope of cyber technology is pushed, the fruits of our cyber labor won't be breached. Do you believe the NCCIC is equipped to handle and accomplish its mission? Can any single organization be? Will layers of bureaucracy hinder its effectiveness? Discuss your ideas here.