A public-private partnership is crucial to improving IT security in the government and in enterprises, says Amit Yoran, head of the National Cyber Security Division in the Department of Homeland Security, in an exclusive interview with InformationWeek editors.
Amit Yoran is the director of the National Cyber Security division of the Information Analysis and Infrastructure Protection office at the U.S. Department of Homeland Security. Before his appointment last September, he was VP for managed security services at Internet security vendor Symantec Corp. Yoran also was founder and president and CEO of the managed security services firm Riptech Inc., which was acquired by Symantec in 2002. Yoran also was the director of the vulnerability-assessment program within the Computer Emergency Response Team at the Department of Defense and the network security manager, responsible for maintaining operations of the Pentagon's network. He has a bachelor's degree from the United States Military Academy at West Point and a master's from George Washington University.
Yoran recently spoke with InformationWeek editor Stephanie Stahl and InformationWeek security reporter George V. Hulme about initiatives under way at the National Cyber Security Division, cyberterrorism, software quality, and his views on the state of information security for the year ahead.
When something like the recent ASN.1 Microsoft vulnerability is announced, how does the National Cyber Security Division at the Department of Homeland Security go about handling the information and the alert?
Yoran: We are running through the process with that vulnerability as we speak and will likely issue an alert on the topic. When we look at those topics and those issues, NCSD is focused on a number of key metrics and one of them is the pervasiveness of the technology that is vulnerable. Another metric would be the extent to which an exploit [code that attackers use to break into applications and systems] may or may not be occurring around any given vulnerability. And we look at whether or not there is any action that can be taken when it comes to defense and countermeasures. Candidly, we also look at the visibility around a vulnerability.
InformationWeek: Is the NCSD announcing some forums to help with the process of exchanging security-related information among various organizations?
Yoran: Yes, there are a couple of things we are doing around partnership programs. Some of which we have already launched and are under way and others we will be launching in the very near future. The ones that are in operation are really focused on the public sector side of things. The Government Forum of Incident Response and Security Teams includes those entities that have a 24/7 cybersecurity function responsible for protecting departments and agencies within the federal government, This forum was created to provide a cooperative environment where they can exchange situational awareness, technical information, tools and techniques, and countermeasures on a 24/7 basis among each other. This forum functions at the technical operator level.
Another group is the Chief Information Security Officers Forum, which we put together. That is a collaborative forum where CISOs within the federal government can get together and exchange their success stories, experiences, as well as those programs, technologies, and initiatives that have been successful for them and those that have been challenged. It's a forum where they can leverage one another's experiences and capabilities so we are not reinventing the wheel each time we implement security measures in the federal government.
The third forum we recently put together is the Cyber Interagency Incident Management Group. This is a forum where all of the major departments and agencies that have significant capabilities and authority to operate in the cyber realm can engage with one another to increase preparedness and coordination during a time of crisis. These include agencies with law-enforcement authorities, various components of the intelligence community and their cybersecurity operators, as well as the Department of Defense and a number of other federal and civilian organizations. So during a time of crises, the federal government itself is coordinated on the cyber front about which activities are occurring where and to make sure our resources are best focused.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.