recommended reading

Air Force CIO says cybersecurity federal "Achilles' heel"

Until best practices in information security become pervasive across all aspects of the enterprise, agencies' networks remain at risk, said a top technology chief with the Air Force at a conference Wednesday, calling cybersecurity one of the federal government's most overlooked and critical weaknesses.

"There's too much fighting about cyber -- how big [a concern] it is, who owns it," said Lt. Gen. Michael Peterson, chief information officer at the Air Force, during a keynote at Air Force IT Day, sponsored by the Armed Forces Communications and Electronics Association of Northern Virginia.

"This is our Achilles' heel," he said. "It's not about a denial-of-service attack; it's about the information on the network -- ensuring it's accurate, protected, and available. [But] we're still fighting over what patch to put on."

Despite Russia's cyberwarfare tactics against Estonia and Georgia, Peterson said an all-out cyberwar won't happen; instead, cyberattacks will become one of many combat strategies used by adversaries to bring government to its knees.

"It won't be a pure fight," he said. "It will incorporate all domains … The battle is ongoing and these guys are very good."

To combat cyberattacks, information security needs to become more pervasive across agencies and across government, Peterson said. Too often it is managed separately from other operations, he said, but an enterprisewide approach is necessary to ensure that daily processes that traditionally receive less oversight do not introduce security vulnerabilities. Standards should be engrained across all disciplines, he added.

"Good security practices are not just good security practices," he said. "They're required security practices … This is too important to not [be] embraced in the broadest view possible."

Peterson said the incoming administration is well aware of the threat, noting he plans to brief the transition team about cybersecurity later in the afternoon. President-elect Barack Obama has already met with John Grimes, chief information officer and assistant secretary of networks and information infrastructure at the Defense Department.

The Air Force has changed its strategy for cybersecurity in recent months. In December 2007, former Secretary Michael Wynne signed a directive to stand up the Air Force Cyber Command that would work alongside the space, air combat and other commands. That plan was scrapped after lapses in the security of the nation's nuclear arsenal prompted the reallocation of resources to a Global Strike Command. In October 2008, the same month the Cyber Command was scheduled to begin operation, the Pentagon announced that cyber operations would instead be organized within the Air Force Space Command and named the 24th Air Force. About 6,000 people are expected to work in the cyber component.

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.