DHS CISO Talks About Authentication, Supply Chain and Internet Regulation

By Lloyd McCoy, Market Intelligence ManagerLloyd McCoy Jr.

At a recent immixGroup vendor demo day, Paul Beckman, CISO at the Department of Homeland Security, touched on several technological challenges and frustrations that concern him – topics ranging from patching to supply chain risk to the inevitability of security regulations surrounding the internet.

“I want to get out of the patching business,” Beckman noted, asking, “why can’t I go to automatic updates?” “I don’t understand why we’re still relying on the selected pushing of patches,” he continued. A decade ago a service patch might have created the “blue screen of death” on machines, Beckman said, so that even today, “the ops side of the house is telling me, ‘what are we going to do if we get a bad patch?’”

“My response to them is that restore capability has matured greatly in the last decade. Something goes bad in the machine, push a button, you’re back to where you were at midnight last night.” Beckman added that technology has advanced to the point where the bad patch argument can be discounted and end points can go to automatic patching.
Read more of this post

Is the Workforce Ready and Able to Fight Cyber Threats?

Lloyd McCoy Jr.By Lloyd McCoy Jr., DOD Manager

The federal spymuseumevent-0281government’s cyber workforce will be the biggest determining factor in how
well government agencies tackle the rising cyber threat. That was the prevailing theme at the Federal Cybersecurity Update 2016 held at the International Spy Museum earlier this week. The event was organized by immixGroup, FedInsider, and George Washington University Center for Excellence in Public Leadership.

Leading representatives from the federal government and academia emphasized the importance of an effective cyber workforce. They also pointed out that the general workforce should be considered cyber defenders since they have a huge responsibility in mitigating vulnerabilities by using proper cyber hygiene. Many of the panelists admitted they frequently spear phish their employees to boost awareness and enforce commonsense practices.

Read more of this post

%d bloggers like this: