https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookie Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
    • Product Guides
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Terms of Service
    • Privacy Statement
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

View From The Top


Commentary

People and technology: Rethinking the cybersecurity challenge (Part 1)

People and technology: Rethinking the cybersecurity challenge (Part 1)

By Angela Heise — Lockheed Martin vice president examines the roles that technology and human awareness play to establish a successful cybersecurity strategy.
  • Written by
  • 16th October 2012

Angela HeiseBy Angela Heise

Cybersecurity is often viewed as a technology challenge. Because cyber threats exploit technology, the logic goes that the threats must be thwarted through technology. This thinking has some merit — to a point. Tactically, many of the tools inundating the cybersecurity marketplace are effective at accomplishing a specific task or bundle of tasks for which they were designed.

From a strategic standpoint, however, cybersecurity solutions that rely predominantly on technology are woefully inadequate. This vendor-driven approach to cybersecurity lulls organizations into believing that tools provide the entire answer to their security challenges. In reality, vendor-driven security is the fundamental reason that so many organizations find themselves playing an unwinnable game of catch-up in a perpetually escalating arms race against cyber criminals.

Through many years of supporting defense, intelligence and civilian agency computer systems and data networks, we have determined that the ultimate answer to effectively defending against and defeating cyber criminals lies not in tools but in the people who use them. Rather than tools driving the analysts, the analysts must drive the tools.

We call this intelligence-driven computer-network defense, and it recognizes that only trained professionals are capable of: understanding the motives of the adversaries and context of the intrusions; sharing their knowledge with key partners; and exercising the judgment that allows resources to be allocated in a manner that maximizes their effectiveness.

An example of the benefit of the intelligence-driven approach to cybersecurity is our “cyber kill chain,” which draws from the knowledge of industry partners and our own experience to identify the seven stages of an advanced persistent threat (APT) intrusion.

The kill chain is being used by leading experts in the cyber community to develop better strategies for threat detection, response, and allocation of resources to the most-dangerous threats. This approach overturns traditional security thinking that says adversaries need to be right only once, while defenders must be right 100% of the time. Using the kill-chain model, the adversaries need to be right seven times, and defenders only once.

But the kill-chain approach must be implemented by trained cyber professionals to be effective. It’s not a software package that can be installed once and periodically updated. The analysts who incorporate the kill chain into their security strategy do rely on a variety of tactical tools at each stage, but they are driving which tools are used and in what manner — not the other way around.

Therefore, perhaps the biggest challenge we face in the cyber community is elevating the cyber tradecraft and the training and development we provide to the professionals who practice it. In two follow-up posts, we’ll provide insights on how organizations that depend on robust cybersecurity can improve the skill level of their cyber professionals through recruiting and training, and how they can make their systems more secure through improved collaboration and knowledge management.

Part 2: Attraction and training: The keys to developing cybersecurity talent

Part 3: Knowledge management and collaboration: Key traits of robust cybersecurity

What do you think? Tell us in the comment box below.

Angela Heise is Lockheed Martin IS&GS-Defense‘s Vice President of Enterprise IT Solutions, a unit entrusted by U.S. Army, Air Force, Navy and other U.S. Department of Defense customers to support many of the nation’s most-critical information-technology challenges.

Tags: Network Network Operations & Maintenance Security System Maintenance Commentary Cybersecurity Enterprise Federal Government/Military Security Software System Design System Operation Training View From The Top Commentary

Most Recent


  • AT&T becoming a “public-safety company” with FirstNet, NG911 work, exec says
    AT&T has long been one of the greatest consumer communications brands in the world, but the carrier is beginning to become “a public-safety company” through its first-responder-centric efforts in the development of FirstNet and next-generation 911 (NG911) networks, according to Scott Agnew, the new COO of AT&T’s FirstNet team. Two weeks ago, AT&T executives revealed […]
  • U.S. government plans to block all tech exports to Huawei–reports
    The Biden administration is weighing a plan to block the export of all US-sourced technologies to Huawei – the latest escalation in Washington’s years-long campaign to throttle the Chinese firm. The new bans, first reported by Financial Times (paywall applies), would likely fall most heavily on firms such as Intel and Qualcomm that sell Huawei server and […]
  • Command-injection bug in Cisco industrial gear opens devices to complete takeover
    A security vulnerability has been found in Cisco gear used in data centers, large enterprises, industrial factories, power plants, manufacturing centers, and smart city power grids that could allow cyberattackers unfettered access to these devices and broader networks. In a report published on Feb. 1, researchers from Trellix revealed the bug, one of two vulnerabilities discovered that […]
  • AR-based next-gen maps aim to rebalance detail and simplicity
    Every sat-nav user is familiar with the chagrin of missing their turn because the map’s lines and circles don’t resemble the real world. Yandex is blaming maps, not users, for these errors. At its annual conference in December, the company presented its re-designed maps boasting natural-looking 3D objects such as trees, bus stops, colored buildings, […]

Related Content

Commentary


How 5G is making cities safer, smarter, and more efficient

26th January 2023

3GPP moves Release 18 freeze date to March 2024

18th January 2023

Do smart cities make safer cities?

  • 1
6th January 2023
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

AT&T becoming a “public-safety company” with FirstNet, NG911 work, exec says dlvr.it/Sj8FXL

9th February 2023
UrgentComm

Command-injection bug in Cisco industrial gear opens devices to complete takeover dlvr.it/Sj6X3l

8th February 2023
UrgentComm

AR-based next-gen maps aim to rebalance detail and simplicity dlvr.it/Sj4gdM

7th February 2023
UrgentComm

Vodafone UK starts ‘risky’ shift to 5G standalone dlvr.it/Sj4dPJ

7th February 2023
UrgentComm

ChatGPT may be fastest-growing app of all time, UBS Says dlvr.it/Sj4NfL

7th February 2023
UrgentComm

Public-safety coalition renews efforts to secure federal NG911 funding dlvr.it/ShwGfn

4th February 2023
UrgentComm

Newscan: Cyberattacks on DoE national labs draw lawmaker scrutiny dlvr.it/Shvpw3

3rd February 2023
UrgentComm

The shine begins to wear off 5G private wireless dlvr.it/Shth0P

3rd February 2023

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.