Matt Conner pointed to several priorities on the horizon.
America’s intelligence community chief information security officer plans to pursue efforts to help grow the cybersecurity workforce and foster more data-centric operational approaches as the uncertain future of technology unfolds.
“The cybersecurity apparatus is still geared around a traditional definition of systems—you know, full-stack, storage, compute, processing—all in one device,” Office of the Director of National Intelligence IC CISO Matt Conner said at Splunk’s GovSummit Tuesday. “I think that we don't talk enough about data: data integrity, data security.”
Conner spent years as National Geospatial-Intelligence Agency CISO before joining ODNI last year, according to his LinkedIn. During the virtual event this week, he explained the IC wants to realize a future that involves some commercial off-the-shelf services, discoverable data and knowledge management. All of those, Conner noted, are predicated on well-curated and well-tagged data, as well as solid tools for identity credential and access management.
Data would be a core asset and at the heart of that architecture of the future.
“And so when I talk to my peers, we’re talking a lot about data-centricity now—moving away from the traditional definition of a computer. So many of our governance instruments, policies at the [National Institute of Standards and Technology] level and others are geared towards a lot of yesterday's computers,” he said. “And I think that the future is unlocking that strategic power of data."
Officials are already intentional about this within ODNI. Conner pointed to his agency’s move to the cloud as an example, noting that it’s refactoring applications to separate data from applications so that the data can be discoverable and consumed by analysts, regardless of fabric or variables of mission and location.
“So I really do think that that's a key part of the future,” he said.
The CISO reflected on an array of topics during the virtual conversation with Splunk’s CISO Yassir Abousselham. Another primary area that will be prioritized going forward, Conner added, is challenges around the nation’s cyber talent pipeline.
“I do think that we recognize at the national level that the cybersecurity workforce is not as big as it needs to be. It's not as diverse as it needs to be,” he said. “And so I think that we're going to have to look at growing more of that talent than finding it.”
Conner called this realm “a hypercompetitive market,” particularly in the National Capital Region. He mentioned that officials are already considering introducing reskilling programs and thinking about creative ways to support and expand partnerships like the CyberCorps Scholarship for Service, especially for government insiders to confront these personnel needs and complexities.
“Depending on the source, there are either millions or tens of thousands of unfilled cybersecurity jobs—and I think the demand for cyber is only going to go up,” Conner said.