Valuable Federal Cybersecurity Training for Critical Infrastructure Organizations

Last week I wrote two blogs about cybersecurity, critical infrastructure organizations, and the US government. Now I'll discuss valuable federal cybersecurity training for critical infrastructure organizations.

Topics: Cybersecurity federal government Critical Infrastructure

Federal Cybersecurity Carrots and Sticks

In my last blog, I highlighted a recent ESG research survey of cybersecurity professionals working at critical infrastructure organizations. As a review:

Topics: federal government Critical Infrastructure Critical Infrastructure Protection threat intelligence sharing

White House Cybersecurity Coordinator Is Kind of Right – but Mostly Wrong

Poor Michael Daniel. The White House cybersecurity coordinator and the man who “leads the interagency development of national cybersecurity strategy and policy” is taking a beating in the press. In a recent interview with federally-focused media outlet, GovInfoSecurity, Daniel defended his lack of security technology experience with the following statement:

"You don't have to be a coder in order to really do well in this position. In fact, actually, I think being too down in the weeds at the technical level could actually be a little bit of a distraction. You can get taken up and enamored with the very detailed aspects of some of the technical solutions and the real issue is looking at the broad strategic picture."

Topics: Cybersecurity Information and Risk Management Security and Privacy federal government

What President Obama CAN Do About Cybersecurity

When it comes to cybersecurity and public policy, I’m as big a cynic as anyone. Why? From a historical perspective, cybersecurity issues were first recognized during the Bush administration (41, not 43). Over the subsequent 20+ years we’ve experienced misinformed rhetoric, overlapping agendas, and inaction, but little meaningful progress.

Now I realize the President has some higher priority issues to deal with and that cybersecurity is neither sexy nor universally understood. That said, however, there is no denying that things are getting progressively worse. Just this week, congressman Mike Rogers (R, Michigan), stated that he believed that 95% of private sector networks are vulnerable and most have already been attacked.

Topics: Cybersecurity Information and Risk Management Security and Privacy federal government state of the union president obama

More On The Security Skills Shortage Issue

I frequently peruse information security news, and recently came across this article. The article highlights Symantec CEO Enrique Salem's warning of a shortage of talented cybersecurity professionals in the United States. Furthermore, this shortage is especially pronounced where it may be needed most -- law enforcement, intelligence agencies, and the Department of Defense.

Topics: Information Security Cloud Computing Network Security Cybersecurity End-User Computing Endpoint & Application Virtualization IT Infrastructure Private Cloud Infrastructure Networking Information and Risk Management mobile Security and Privacy BYOD endpoint security DHS Symantec federal government nsa security analytics DoD security skills cloud security

Information Security Skills Shortage Continues

Like other analyst firms, ESG conducts research on IT Spending Intentions annually. The latest 2012 report will be published soon, but in the meantime, I've taken a look at the data that will be included. One of the things we track is IT hiring plans in all areas including IT security.

Topics: Information Security Cybersecurity Information and Risk Management Security and Privacy federal government ISC2 NIST security services CISSP security skills cloud security