In Cooperation on Cyber, the Children Must Lead
All the involved parties concerned about cybersecurity must find new ways of cooperation to meet the changing threat picture, experts say. These efforts ought to begin in elementary school, where children should be introduced to cyber and encouraged to stay out of trouble that would prevent them from pursuing a career in cybersecurity.
These were among the many points by a panel of experts addressing cybersecurity priorities on day two of TechNet Indo-Pacific 2019, being held November 19-21 in Honolulu. The panel, sponsored by Women in AFCEA and featuring five women from government, industry and academia, explored several areas of concern along with recommendations.
Cyber education came in for considerable discussion. “The cyber workforce issue is so severe that all of us have no choice but to start at the elementary school level,” said Ruth Youngs Lew, program executive officer for Enterprise Information Systems (PEO EIS), U.S. Navy. From academia, Jodi Ito of the University of Hawaii called for increased emphasis on mathematics in early years to form a good basis for a cybersecurity education.
We have to provide an open and unfettered environment to our communities. We work to keep those information systems separate from our network.—Jodi Ito, University of Hawaii #AFCEATechNet— Bob Ackerman (@rkackerman) November 21, 2019
But one oft-overlooked aspect of cyber education was addressed by Vice Adm. Nancy Norton, USN, director, Defense Information Systems Agency (DISA). “You should tell your children, your grandchildren, your nieces and your nephews to make sure they maintain their eligibility for a clearance. ‘Don’t do stupid things that would shut doors to you for the future,’” was the warning she issued.
You should tell your children, grandchildren, nieces and nephews to make sure they maintain their eligibility for a clearance. “Don’t do stupid things that would shut doors to you for the future.”—Vice Adm. Nancy Norton, USN, @USDISA #AFCEATechNet— Bob Ackerman (@rkackerman) November 21, 2019
The admiral also brought up the topic of human failures in cybersecurity measures. “We can’t assume that our users are going to do everything we told them to do the way we told them to do it,” she said of defense personnel.
Connie Lau of Hawaiian Electric Industries allowed that her company feels it is a cyber target because it supplies all the electricity to the U.S. Indo-Pacific Command and its bases in Hawaii. As part of the critical infrastructure, it tests its personnel regularly in cybersecurity. If a person flunks the phishing test, he or she will be terminated because of the vital work the utility does, Lau said.
Lau described efforts to work with government. “Some risks are so high they are beyond the capability of a company. So we work with the government,” she said. “We are working with the government on putting sensors on our system that can collect information and put it up on networks where our national labs can share it,” she reported.
Adm. Norton suggested, “We have to consider what is the role of our National Guard in protecting our cities, counties and hospitals that are suffering from ransomware.” That would open up a new area of cooperation between government and the private sector. DISA already relies on industry for much of its cybersecurity capabilities, she noted.
We following an ABC—adopt, buy create—model. Only last do we create what we need, because that takes too long. I couldn’t adopt this model if it weren’t for the things that industry does so well.—Vice Adm. Nancy Norton, USN, @USDISA #AFCEATechNet— Bob Ackerman (@rkackerman) November 21, 2019
“We follow an ABC—adopt, buy, create—model. Only last do we create what we need, because that takes too long. I couldn’t adopt this model if it weren’t for the things that industry does so well," the admiral stated.