Federal News Radio convened a panel with a diverse group of cybersecurity professionals to talk about best practices for gathering threat intelligence for today’s cybersecurity in government.
Host John Gilroy was joined by Ron Carback, Defense Intelligence Officer for Cyber at the Defense Intelligence Agency; Tim Ruland, Chief Information Security Officer at the U.S. Census Bureau; Shaun Khalfan, Chief Information Security Officer at U.S. Customs and Border Protection; and Zulfikar Ramzan, Chief Technology Officer at RSA.
The discussion began by addressing fiscal considerations. An observation was made that many discuss “best practices” but forget the financial aspect. When it comes to cybersecurity, every agency has a fixed budget, which has nothing to do with “best practices.” Federal cybersecurity professionals must be able to prioritize.
Carback discussed his experience in assigning resources for cybersecurity, while Ramzan compared his experience in the commercial world with priority setting for federal agencies. He also mentioned the concept of dichotomies in cybersecurity. One balance is trying to adapt to the lack of cybersecurity professionals. He also addressed the value of automation in handling threats. Another balance point is assigning priorities in cybersecurity.
No discussion about cybersecurity would be complete without addressing the elephant in the room: the lack of available talent. This is a concern expressed in the commercial world, with a reported shortage of one million cybersecurity experts estimated for 2017.
The panel discussed several ways to overcome that gap, with the most obvious being automating tasks. Ramzan concluded by referencing several points on taking precautions with automating services that may need the analytical ability of humans.
John Gilroy, Host of Federal Tech Talk, Federal News Radio
John Gilroy has been a member of the Washington D.C. technology community for over twenty years. In 2007 he began weekly interviews on Federal News Radio called “Federal Tech Talk with John Gilroy.” His 428 interviews provides the basis for profitable referral business. In 2009 he created a successful breakfast club of previous radio guests called The Technology Leadership Roundtable. He has been instrumental in two of his guests forming their own radio shows: Derrick Dortch with “Fed Access” and Aileen Black and Gigi Schumm with “Women in Washington.”
In 2011 he began teaching a course in social media marketing at Georgetown University; in March of 2014, John won the Tropaia Award for Outstanding Faculty. John conducts monthly corporate training for large companies on how to leverage social media to generate revenue.
Ron Carback, Defense Intelligence Officer for Cyber, Defense Intelligence Agency
Mr. Carback is on a joint duty assignment as the Defense Intelligence Officer for Cyber at the Defense Intelligence Agency. An employee of NSA, Mr. Carback has served in a variety of leadership positions across operational and technical areas and has been engaged in significant collaboration for NSA across the Intelligence Community and with foreign partners. He has served overseas in the United Kingdom as well as in Baghdad, Iraq, where he supported both warfighters and policymakers. He chaired the National SIGINT Committee in Washington DC, supporting both the Director of National Intelligence and the Director NSA. Prior to his current assignment, he served as Deputy Director of Intelligence (J2) at United States Cyber Command.
Tim Ruland, Chief Information Security Officer, U.S. Census Bureau
Tim Ruland is the Census Bureau’s Chief Information Security Officer (CISO). He reports directly to the Chief Information Officer (CIO) and provides regular briefings and support to Census Bureau and Department of Commerce senior executives.
Ruland began his career in the military where he served 13 years in the US Army. He served in many assignments; including Thailand, Germany, Fort Ord, CA, and Ft. Meade, MD, as a Military Intelligence Analyst and Linguist (Vietnamese, Russian and Korean) and Military Policeman. Upon his honorable discharge from the Army, he served as a Software Configuration Manager with a Defense contractor for four years.
Ruland began his career at the Census Bureau in 1991 when he was hired to establish a configuration management process for the 1992 Economic Census. After which he earned the position of Division Security Officer. After spending 18 months as the Division Security Officer, Configuration Manager and system administrator, Ruland moved to the ADP Security Branch. The ADP Security Branch was a small branch of seven people in the Administrative and Finance Division. In 1998, Ruland was promoted to Branch Chief where his first action was to change the name of the organization to better reflect the more diverse role of the organization, the IT Security Branch. Ruland has been instrumental in the development of the Census Bureau IT Security Program and the office has grown to four staffs consisting of 23 employees and approximately 20 contractors in support of the enterprise IT Security Program.
Ruland is a CISSP, CISM, CFCP and holds a Master’s Certificate in Project Management from George Washington University. He has completed the Framework for FISMA Seminar Series hosted by the Potomac Forum and is a FISMA Fellow. He is currently working on a degree as a Paralegal. Ruland holds a Sociology Degree from the University of Maryland.
In his spare time, he rides a Harley Davidson and has been riding as Santa Claus for the past couple of years in a Toy Run to provide gifts to needy children. He also rides in a number of veteran related motorcycle events.
Shaun Khalfan, Chief Information Security Officer, U.S. Customs and Border Protection
Shaun serves as the Chief Information Security Officer and senior cybersecurity executive for the largest law enforcement agency in the country, U.S. Customs and Border Protection. He leads the development and execution of cybersecurity strategy and is responsible for aligning security initiatives with enterprise programs and business objectives, ensuring that systems and information are adequately protected.
Prior to joining CBP, Shaun served as the Director of Cybersecurity and Infrastructure with the Department of the Navy (DON) Chief Information Office. He led a team of senior DoD civilians and military officers to deliver strategy, governance, policy, and oversight of Department of the Navy cybersecurity initiatives, to include assessment and authorization, mobility and cloud security, risk management, identity management and cybersecurity strategies. Enabling this consisted of leading efforts within the DON such as computer network defense design and architecture, continuous monitoring, insider threat, and other cyber initiatives across the department. He previously served as the Program Information Security Manager with the Defense Logistics Agency, Defense Information System for Security Acquisition. He developed and led a comprehensive information security program which drove the cyber acquisition strategy, architecture, requirements, policies, and processes for the program. Additionally, he managed the cost, scope, and schedule of specific systems and components within the family of systems and coordinated with stakeholders to develop requirements and deliver solutions. Prior to this, he was the Enterprise Security Operations Manager with the Navy’s Military Sealift Command. He led the command’s Network Security Operations Center (SOC) and managed multiple information security projects.
Shaun serves as an advisor on federal technology committees, is a fellow with the American Council for Technology, and an adjunct professor at George Washington University. He received his MBA from George Washington University and is a graduate of the University of Maryland. He is also a Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Defense Acquisition Level III in Information Technology, and a graduate of the DoD Executive Leadership Development Program.
Zulfikar Ramzan, Chief Technology Officer, RSA
Dr. Zulfikar Ramzan serves as the Chief Technology Officer of RSA, the Security Division of EMC. In this role, he is responsible for leading the development of the company’s technology strategy and bringing to market the innovations that help protect RSA customers from the growing number of advanced threats. Prior to joining RSA, Dr. Ramzan served as Chief Technology Officer of Elastica and, preceding that, as Chief Scientist of Sourcefire (acquired by Cisco in October 2013). Before joining Sourcefire via its acquisition of Immunet in 2010, he was Technical Director of Symantec’s Security Technology and Response division. In all of these roles, Dr. Ramzan has leveraged his expertise across numerous domains of cybersecurity and large scale data analytics to bring innovations to market that have protected customers from a large variety of threats to their information assets.
Dr. Ramzan has co-authored over 50 technical articles, and two books including Crimeware: Understanding New Attacks and Defenses, Addison-Wesley Professional, 2008. He also has over 50 granted patents. Dr. Ramzan was selected and served as General Chair of Crypto 2010, the premier conference in the field of Cryptography. Beyond that, he is a frequent public speaker and has briefed both numerous media outlets including the New York Times, Wall Street Journal, Associated Press, and Reuters as well as members of the United States Congress on cyber-security trends and issues. Dr. Ramzan has produced a number of online videos on cybersecurity trends that have collectively been viewed over a million times and he has served as a guest faculty for the educational non-profit Khan Academy.
Dr. Ramzan holds a Ph.D. in Electrical Engineering and Computer Science from the Massachusetts Institute of Technology. His doctoral advisor was Professor Ronald L. Rivest, who co-founded RSA Data Security.
Every day, and for over 30 years, RSA's singular mission has been to help our more than 30,000 customers around the world protect their most vaulable digital assets. RSA is driven by its uncompromising belief that organizations should not have to accept getting breached or hacked as an unavoidable consequence of operating in a digital world. In fact, RSA believes that organizations must become aggressive defenders of their right to operate securely and that no other company is in a better position to help them.
RSA's Intelligence Driven Security solutions help organizations reduce the risks of operating in a digital world. Through visibility, analysis, and action, RSA solutions give customers the ability to detect, investigate and respond to advanced threats; confirm and manage identities; and ultimately, prevent IP theft, fraud, cyber-espionage, and cybercrime.
RSA Federal Solutions is the premier provider of intelligence-driven security solutions to the Federal government, serving every cabinet level agency, each military service, and the intelligence community. For more information, please visit federal.rsa.com.