Editor’s note: Matt Olsen, national security expert and co-founder of IronNet Cybersecurity, will deliver the opening keynote address at CSX North America, which will take place 2-4 October in Washington, D.C., USA. Olsen, who says ‘no company should go it alone in cyber space,’ visited with ISACA Now about the role of cyber professionals in counterterrorism, evolving forms of attacks and sharing of threat information. The following is an edited transcript:
ISACA Now: How would you characterize your experience with the National Counterterrorism Center? What components of your work did you find most fulfilling?
The National Counterterrorism Center, or NCTC, was established after the terrorist attacks of 9/11. The mission of NCTC is to integrate and analyze all sources of terrorism intelligence, and then to share that information with partners across the federal government and with state and local law enforcement. The creation of NCTC was one of the primary recommendations of the 9/11 Commission and has fundamentally reformed the way the federal government approaches counterterrorism.
I was fortunate to lead NCTC at a time when its role was firmly established in the nation’s counterterrorism efforts. The most rewarding aspect of working at NCTC was its exemplary workforce of analysts, operators and policy experts. All of the officers at NCTC were committed to protecting the country and, despite many career options, had chosen to dedicate their professional lives to national security.
ISACA Now: What are the most impactful ways that cyber security professionals can make their mark on counterterrorism?
There is a close relationship between cyber security and counterterrorism. We have seen terrorist groups seek to obtain sophisticated cyber tools to carry out destructive attacks against the United States. Cyber security professionals can help defend against these efforts generally by hardening their networks and by adopting industry best practices for cyber security.
ISACA Now: What type of attacks do counterterrorism professionals need to be best prepared for going forward?
Counterterrorism professionals need to be prepared for a wide range of attacks from terrorists today. The most likely type of international terrorist attack here in the United States is an assault by a lone wolf who has been radicalized by terrorist groups overseas, such as ISIS. Such an attack is likely to be unsophisticated, but difficult to prevent.
We also need to be concerned about more sophisticated attacks, such as the deadly assaults in Paris and Belgium, which were extensively planned and coordinated by ISIS. Finally, we suspect that al-Qaida remains interested in aviation targets, and has plotted repeatedly to plant a bomb on a plane headed for the United States.
ISACA Now: From your personal experience, how challenging is it to find qualified cyber security professionals who can handle complex threats?
In my experience, we face a significant challenge in finding cyber security experts to fill positions across the private and public sectors. By some estimates, there will be more than one million unfilled cyber security jobs in the United States by 2020. Meanwhile, there’s no shortage of adversaries and bad guys trying to hack into our networks. We need to work hard to ensure that educational opportunities exist to train the next generation of cyber security experts.
ISACA Now: What steps can or should governments take to be more effective at sharing threat intelligence information?
The effective sharing of cyber intelligence and threat information is essential to improving our cyber security. The government should take the lead in ensuring that our laws, regulations, and policies promote and facilitate the sharing of information among companies, and between companies and the government. For their part, companies should take advantage of legal changes over the past few years to enter into sharing arrangements with other companies.
Today, it is feasible for companies to share threat information and gain situational awareness in real time across economic sectors. No company should go it alone in cyber space. Only through a “common defense” approach to cyber security can companies gain the visibility and access to expertise on a widespread basis. This will lead to better cyber security for all.
[ISACA Now Blog]