At a recent State of Maryland CISO interview I was asked if I had anything else I would like to say at the end of the interview. I remembered my organization theory class and the fact that I am a Democrat and the current CIO was a Republican. I knew that I have a good business background as I was once a Republican. I offered a suggestion to create an IT Agency like Ohio. The interviewers looked at me and said nothing about my suggestion. Then 6 months later Governor O’Malley announces that he is creating the IT Department in Maryland State government. I still am puzzled why I did not get the job. So I keep on looking while I do my present job of Homeland Security for DOT.
I think we computer types need to remember that the rest of the world just does not get it. We are like walking databases who have real knowledge and real skills in the modern world and everything we do is smarter than anyone has ever done before us. This is not bragging or fiction, just fact. The expert power defines those in the computer security field as the new knights of the cyber battlefield. I can think like a hacker and use their tools and counter any moves they make. DHS SENTINEL training made sure of this understanding of the tools. Yet, I have to agree that the security policy big picture involves the people, not just the cool advanced data communications security tools.
When you develop your IT security staff, make sure you have different types of people on it from different areas of IT. This will give you coverage in areas you may not have thought were important. Diversity is good in the hiring process. You’ll need a physical security expert, a network security expert, application programmers, database experts, and penetration testers. You’ll also need the black hats who will complement your white hat staffers. Remember Congress made Miliken a security guru after his testimony on how he defrauded the financial sector.
When we do our jobs correctly we reach towards the intelligence function. We have a need to know what bad deeds have been occurring so we can connect the dots. The fusion centers provide us with data. So does the FBI InfraGard group. They give us security-related intelligence to counter attack any recent attacks on our infrastructure. We thus become intelligence analysts as well as computer security experts. It is the use of this intelligence that empowers our daily missions to protect the critical infrastructure. Without new information sharing laws and products we would be left to our own devices.
If you cannot join InfraGard and attend meetings, then you can train yourself to visit the FBI webpage and others on a weekly basis to obtain intelligence from the Director of the FBI. They also have interesting stories and updated fraud schemes and electronic scams. They are a treasure of information. The FBI has entered a new age of computing. Having worked there on the names index system, I can attest to the importance they place on technology. More agents are computer scientists than ever before. Through intelligence functions they disrupted BOTNETs in Operation BOTNET Roast II. They successfully traced and prosecuted some of the bad guys. Listening to the agent who took part in this operation was inspirational. He told us what to look out for and how to recognize a BOTNET. Heck, all we have to do is report one when we see it!
The FBI is rebuilding their SENTINEL system, which is an internal case load system, since the previous system failed to do the job. Lockheed Martin is building the SENTINEL system, and Congress and GAO are watching closely that it provides the capabilities promised. It will give the FBI a way of integrating many elements of crime fighting data that we often see on TV. AFIS (fingerprinting system) and NCIC (40 years old) are systems that the FBI has relied upon for years and shared with local law enforcement agencies. Now the FBI will have a case management system that brings information to the field agent desktop. This is the advanced intelligence function supporting the new mission of the FBI since 9/11: counterterrorism.
I am not sure how you can enter the world of counterterrorism without being connected to the FBI or the Army Delta Force or other elite military units. Having studied their manuals and operations, I can tell you the Special Forces have answers to the counterterrorism problem that would also include network attacks and Al-Qaida hackers attacking our critical infrastructure computers and system controllers. One target is the pipeline SCADA computers. SCADA computers also exist at nuclear plants and electric generators and they are not hardened. By studying this I have come to understand how to use CARVER as a vulnerability analysis tool. The method is used to prioritize attacks in the US Army. It is also used to defend against potential threats. This intelligence helps us in our civilian jobs where we may be targeted by terrorists.
The best bet we have of defending our infrastructures is to keep on using intelligence and predicting where we will be hit next. For sure the terrorists are looking for more ways to defeat our internal systems and infrastructure weaknesses. We need to remember that their leader is a western trained civil engineer who knows how we operate at the highest levels. He will stop at nothing to attack us. We must be smarter and use our joint intelligence capabilities to reduce the risks from a mean and violent world.
In this way we will have defended our nation against tyranny.