When I was a little girl, my family moved from Bronx, N.Y., to our new house in Potomac, Md. It was approximately July 2, 1976, two days before the nation’s bicentennial and the biggest July 4th celebration in 100 years.
My father, a NASA computing pioneer, had told me about the significance of the bicentennial and took me to buy the family a TV so we could watch the parades. My father planned to pay with a check from his New York bank, but D.C. merchants only accepted checks from local banks. We opened a new bank account and purchased a 12-inch black and white with rabbit ears, watched the parades, and then proceeded downtown in an old car and heavy traffic to see the fireworks, which clearly I still remember as a symbol of our country and the effort we make to celebrate and to protect.
Many years and fireworks celebrations later, I went to work at the Department of Homeland Security for Under Secretary Suzanne Spaulding, for the same reason – the effort and honor of protecting and serving my country. Under Secretary Spaulding has a vision of how we can not only strengthen our cyber defenses and improve our agility, but also how we can activate our field forces and organization to embrace the inevitable – that everything important to our way of life can be controlled by computer instructions. Modern connectivity makes computers vulnerable, and we must integrate our cybersecurity strength of action, intelligence, and response into every part of our infrastructure.
The speed of both computer processing and information transport "bandwidth" has increased exponentially and has enabled everything in our world, from the operations of our water and energy utilities to our food, drug, and medical device capabilities and safety. We benefit from lightning fast operations and decisions that can be executed remotely or even automatically. Our entire infrastructure has been "lit up" with cyber. While that provides unimaginable advances in technology, we must also light up our responses to threats.
When I came to DHS, I was asked to provide the vision for our cyber operations. I call this vision the self-healing network, analogous to an immune system, where cyber threat information used in transporting and protecting network traffic is combined to create an overall situational awareness picture. That picture, often called in the visualization context the “cyber weather map,” also enriches the indicators that the National Cybersecurity and Communications Integration Center (NCCIC) shares and gets us closer to a machine knowing not to execute a harmful instruction – thus averting a threat. We have built that system and our programs are running strong.
As we celebrate October’s 13th National Cyber Security Awareness Month (NCSAM), one of the greatest challenges we face is helping individuals, businesses, and governments understand how deeply computing technology has been embedded in our lives.
Three years ago, I left my job as a Chief Technology Officer with a global cutting-edge private sector company to help the government sharpen its programs to enable and protect our national infrastructure that has been "lit up" with advanced computing technologies. Everything from water and energy utilities to medical devices to food and drug production systems benefit from lightning fast operations that can be managed remotely or automatically. That provides exponential advances in speed, cost, and quality but also add new places where our reliance on computer instructions can make us vulnerable.
Even our own field of cybersecurity is “lighting up.” When I started at the National Protection and Programs Directorate, we relied on manually entered signatures of known attacks to detect and block intrusions. Today, with help from our privacy and civil liberties experts, we have leveraged our cyber operations center, the NCCIC, to use advanced analysis on a combination of unique government and private sector data to detect potential harm and harmful trends long before they could become destructive.
And with our Automated Indicator Sharing system, we can push these indicators out to the entire cyber ecosystem at light speed – literally the speed of machines as machines detect threats and inform others. Such a transition is a leap, from a “vaccine”-based approach to a responsive “immune system” that can respond and adapt to new threats. It is a transition toward our vision of a self-detecting, and self-healing network, and one we must make if we are to protect an ever growing and diversifying cyber ecosystem.
As the world around us “lights up,” October is an opportunity to think about how we make our parents, bosses, friends and co-workers aware of the opportunities and risks that come with connectivity. Use this month to look at your enterprise and think about the computer-enabled devices you may never have worried about before. Explain to your children how their texts and Snapchats could follow them around for life, even if the app promises to delete them forever. Sharpen your metaphors for explaining to your company’s board how a cyber breach could impact not just payroll but also production and help drive the discussion of cyber resilience and preparation for physical consequences of cyber events.
Finally, please help change from a culture of hiding potential cyber intrusions to reporting them so that others may benefit from the information, and so that the NCCIC can push out information in the form of indicators in the cyber immune system to protect others.
The 21st century will be a connected century. Soon, I expect computers will be in almost everything except perhaps our food. October is a chance to remind ourselves that as the entire world “lights up” around us, we need to be aware, agile, and adaptable to keep our homes, businesses, and governments safe and secure.
Most of all, technology is amazing and our country is special. Good cybersecurity and making the effort to take responsibility for how we use technology can help us enjoy and protect both, and can enable scientific advancements to make our world better, safer, and more fun. And that is a great example of homeland security.
This article is published as part of the IDG Contributor Network. Want to Join?