Preventing and fighting cybersecurity threats has little to do with having the most advanced technology and everything to do with having a well trained workforce, according to a panel of IT and homeland security officials who met in Washington this week to discuss the issue.
Cybersecurity experts, as well as state and local government representatives, met at the three-day AFCEA Homeland Security Conference in Washington, D.C., to discuss homeland security IT issues.
To get that workforce, the government must look beyond social stigmas, said panelist Ovie Carroll, director of the Cybercrime Lab for the U.S. Department of Justice. Many of the people who are most knowledgeable about cybersecurity are high school and college dropouts -- two demographics that are often overlooked by the government, he said.
The best defense strategy for cybersecurity, said Major TJ O’Connor, is to be on the offense and have people who know how to think like a hacker. O’Connor noted that he got one of his first offense lessons during his hours playing the war video game Command and Conquer while at West Point.
Cyberattacks could take minutes to cause wide-reaching damage. So to speed up the response time, the role of local law enforcement in fighting cyberattacks needs to be defined, said Lieutenant Colonel Robert Fanelli. Policymakers also need to define what a cybersecurity threat is. They must set quickly guidelines for deciphering between a criminal behavior and an annoying one, he said.
“Responding effectively to an incident does not leave a lot of time for debating policy,” Fanelli said. “What happens if a major incident happens tomorrow night? Are we ready to go?”
There are a number of ways to defend against cyberthreats – many of which people not well versed in computer science may not understand -- but the panelists offered a few key tips for federal, state and local stakeholders to take into account:
Despite any measures the public sector takes to guard against cyberthreats, though, any attack on the private sector can be just as damaging to the public sector and the people it serves. “What about all the privately owned networks? How do we get them to care?” asked Fanelli. One possible answer, he said, is offering incentives – such as tax breaks -- to companies that safeguard their networks.
[This article originally was published at Governing.com.]