The Cybersecurity and Infrastructure Security Agency’s Boyden Rohner, Stuart Kippelman of Parsons and Matthew Swenson of the Department of Homeland Security all convened on Wednesday to speak on the complex facets of cybersecurity and the implications each has on an organization’s information security capabilities in today’s evolving threat environment.
During the panel discussion, titled “The Road to Cyber Resiliency – Reducing Threat Exposure and Safeguarding Critical Infrastructure,” moderator Joshua Strunk of Leidos facilitated a conversation that touched on the vital role of human operators at the center of advanced, automated technologies as the U.S. shores up its defenses against the rising threat of attacks and breaches across the rapidly growing cyber domain.
This panel discussion was part of GovCon Wire Events’ Information Security and Innovation Forum, available on-demand now at the GovCon Wire Events page. Click here to read highlights from CISA CIO Robert Costello’s opening keynote address.
A sometimes overlooked yet necessary component of cybersecurity is the people, employees and operators who are tasked with upholding and enforcing it.
Stu Kippelman, chief information officer for Parsons, said the “people aspect” of cybersecurity is what fuels his passion for the topic and guides his leadership approach.
“No matter what we do, no matter what technologies or processes we put in place, it always comes down to the people that work here, educating them on what’s good and bad, and making every employee part of what is such an important process.”
“We can’t do it alone, the technology does not solve this by itself, it has to be everyone,” Kippelman continued.
Kippelman elaborated on Parsons’ IT priorities and strategies, as well as the company’s commitment to collaborative partnerships in a recent Executive Spotlight interview with ExecutiveBiz.
Technology, Kippelman said, becomes “magical” when it works the right way, and at Parsons, he’s working to enable that environment through workforce education, heightened cybersecurity and an attractive and supportive company culture.
As the conversation shifted its focus to artificial intelligence, machine learning and their respective roles in cybersecurity, Matthew Swenson, unit chief of the cyber crime unit at the Department of Homeland Security’s Homeland Security Investigations Center, echoed Kippelman’s comments and emphasized the human element of the cybersecurity equation.
Swenson used the concept of zero trust, which favors an internal IT environment that is just as hardened as its exterior, as an example of where human analysis is critical and not easily replaceable with automated technologies.
“If you don’t have quality people who know what they’re doing, looking inside your network for anomalous network activity, you could be compromised for months and years at a time and have no idea what’s going on,” Swenson warned.
“As of right now, machines can only contribute so much to that,” he explained. “You really do need highly trained professional human beings sitting behind that hardened wall.”
Boyden Rohner, associate director for vulnerability management as CISA, then gave her perspective from within the Department of Homeland Security’s newest operational component as the agency defines its culture and mobilizes in the federal landscape.
CISA, Rohner said, has a unique vantage point “sitting at the intersection of federal civilian executive branch, the intelligence community, law enforcement, the private sector and the public sector.” The agency shares information between those partners, acting as a community hub which convenes to reduce security risks across the board, Rohner explained.
Her specific role in vulnerability management, she said, is less reactionary and more responsive; Rohner said her office at CISA aims to “move the problem upstream so that we’re designing solutions or really getting ahead of threats before they actually plague owners and operators across the country.”
Rohner explained that CISA works to bake in security at a foundational level through resilient and defensive architecture that can ensure the security of any element before it’s even targeted.
Shifting back to the overarching “human” focus of the discussion, Rohner said the workforce is integral to addressing these paramount cyber issues, and as a young agency, CISA strives to be a thoughtful employer and a supportive workplace.
“The culture that we’re trying to create enables every employee to feel the psychological safety to bring their best selves to work and tackle the biggest problems that are confronting us all,” Rhoner commented.
On March 23, GovCon Wire Events will host its Second Annual Air Force: IT Plans and Priorities Forum, featuring U.S. Air Force and industry officials who will gather to discuss the service branch’s modernization initiatives as operators and warfighters demand better IT capabilities to carry out their missions.
Air Force CIO Lauren Knausenberger, a 2022 Wash100 Award winner, is scheduled to keynote the forum and bring to light some of the ways in which her office is bolstering cyber capabilities, reducing IT redundancies and better equipping service members to succeed in today’s digital and physical combatant environments.
Register here for the Air Force: IT Plans and Priorities Forum on March 23!
