My career in cybersecurity started 25 years ago at Duke University. I had spent 14 consecutive hours in the computer lab because computer time was limited back then. Suddenly, my model disappeared. My input data source files disappeared — all my compiled files were gone. My data wasn't coming back, no matter how many times I put that floppy disk in and out of the drive.
A few weeks after that experience, I asked a computer science professor to sponsor me under independent study. I taught myself programming languages and I went through hardware architecture. I never wanted to experience data loss again.
I just lost a homework assignment but when data is lost in the business world or in government, it has a much more significant impact.
When we think about cybersecurity and related technologies, there are some common threads no matter the size of the system. We have the actor, we have the defenders, we have employees, we have consumers and we have customers. They are all human. The constant in all of this is the human. System vulnerabilities that were caused by how some code was written some time ago isn't the issue. The issue is how people interact with those systems.
We have to look at the actor who has specific motivations and understand those behaviors so we can design more resilient systems, which is what the defender is looking to do. We have to think about our employees who, no matter how many warnings are issued, will click that malicious link. And we have consumers who don't have proper cyber hygiene to really understand the risks they're exposing themselves to in the connected world of smart TVs, smart refrigerators and smart cars.
So, as cybersecurity experts, how do we deliver capabilities that take all those different factors into account?
One critical first step is taking a close look at automation to see how it can address some of the challenges in the domain. What type of automation would I advocate? It might surprise you, but the first automation I suggest is around the "insider threat."
I also believe we need to look deeper at automated threat intelligence. There are automated threat intelligence platforms that move us from the reactive, signature-based analytics toward behavioral analysis of networks before those threats take place. We call it proactive, threat hunting.
We're not going to be able to put a cybersecurity expert in every home. Instead, companies can hire a managed security service provider to fill their teams' resource or expertise gaps. That approach avoids investments on infrastructure that can't be maintained by the in-house team and provides the robustness of security needed in today's interconnected environment.
By turning to automation when possible, we can allow our cyber experts to spend time on that which is critical and not on mundane, repetitive tasks.
But that still doesn't get us there.
We need to look at the workforce of today and the next generation. By 2020, it's been estimated there will be a need for more than a million cybersecurity experts. Today, there are only about 75,000 Certified Information Systems Security Professionals in the United States. That's our reality.
For many, a cybersecurity professional's work is a mystery. The only image they have of this profession is what they see on TV and at the movies: Usually the image of a goth-looking young man in a dark room who is isolated, wearing a hoodie, sipping on an energy drink and eating corn chips.
It is up to us to change the image of how cybersecurity professionals are seen. It's up to all of us to prioritize attracting the next-generation cyber workforce.
In cyber, the constant is the human. When we look at solutions, we have to look at enabling them to address the evolution of human's role in our technology systems. And we must address the talent gap to ensure the security of data on the systems of tomorrow.
Valecia Maclin is a program director in the Cybersecurity and Special Missions business area within Raytheon Intelligence, Information and Services. Her leadership duties span key cybersecurity programs, services and operations that support U.S. government agencies and coalition partners.
Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.
