Dive Brief:
- A reluctance to share threat information between the private and public sector, as well as a glaring talent gap, is limiting recent cybersecurity efforts, according to John Wood, CEO of Telos Corporation, speaking Tuesday at a Cyber Week panel in Washington D.C. The future workforce is a particular concern because of a general lack of interest in math and science, which is often required to pursue cybersecurity careers, he said.
- Barriers also exist in translating cyber concepts to leadership lacking expertise in the matter. Reports are typically bogged down by technical jargon, and it is the responsibility of conversant cyber experts to creatively present information that can convey a threat's attributions and therefore be granted permissions needed to act, according to Meredith Burkart, an FBI affiliate and assistant professor at the Center for Security Studies at Georgetown.
- However, communication cannot only be reserved for those within an individual organization's workforce. Creating a "common language" between the two sectors is the first initiative cybersecurity experts need to create to "normalize data" and its accessibility, according to Burkart. A streamlined language could prevent vulnerabilities prone to bad actors.
Dive Insight:
It is no secret that cybersecurity requirements are outweighing the available qualities in the field. Currently more than 60% of those in IT claim their security departments are either understaffed or lacking in the appropriate skills. There about 300,000 unfilled jobs in cybersecurity, which can weaken security efforts.
Partnerships between the public and private sectors are often strained by fear, but streamlining cybersecurity measures could create transparencies in operational tactics. Still, even in light of the DHS' decision to remove all Kaspersky Labs products from the federal government's technical landscape, it cannot impose the same regulations on corporate America.
As international countries are garnering momentum on the cyber front to combat the U.S.' persistent dominance in military, finance and cyber, Wood claims cyber superiority is the next "race to the moon."
Many security professionals become frustrated from an inability to convince leadership of cyber tactics, which are often considered unquantifiable concepts. The case is the same for even the highest of offices, the president.
Burkart explained how the intelligence community boosted the U.S.'s cyberwar tactics on the Iranian government by physically displaying the attack, now known as Flame, to then president, George W. Bush. Flame was designed to target Iran's nuclear program, but previous reports had not convinced Bush to carry out the attack.
To properly convey to Bush the mission's potential destructive impact, the team tested a sample of the attack on the homefront and then "dumped a pile of rubble in front of Bush in the Situation Room," and that demonstration convinced Bush to execute the attack.