The Intersection of Cybersecurity and Intelligent Automation

As the cybersecurity challenge has morphed into a multi-front battle – from the insider in the next cubicle to a distant but malevolent foreign power – chief information security officers, network operations and security operations center staffs have steadily acquired a variety of tools to counter the threats. Few federal agencies are operating with an abundance of resources, even for such a high priority activity as cybersecurity.

That would be a formula for cyber chaos – except for the rise of automation. That is, agency security staffs are adopting strategies for automating cybersecurity tasks such that people have more actionable information more quickly. Automation also frees staff up for higher level tasks such as planning, research and data analysis.

To explore these issues, Federal News Radio convened a panel of experts:

  • Leo Scanlon, senior adviser for health care and public health sector cybersecurity in the CIO office at Health and Human Services
  • Ray Letteer, chief of the Cybersecurity Division at the U.S. Marine Corps
  • Tony Hubbard, principal at KPMG

Letteer explained a new Marine Corps implementation of the Navy’s “comply to connect” policy under which every endpoint is automatically scanned and evaluated for cyber threats each and every time its user logs on. If it passes muster, the system checks it hourly while it is connected.

Scanlon detailed how, after last year’s government-wide cyber sprint, HHS has established two-factor authentication for all of its users, en route to two-factor for systems administrators and network staff members.

He also explained why the need for cyber defense automation is extra important for HHS. Many of the department’s agencies and bureaus are connected directly to the greater health care ecosystem, and health care data is among the most sought-after target of hackers.

Hubbard said automation and orchestration of information technology processes such as cybersecurity monitoring and mitigation aren’t new, but they are becoming more widely adopted as agencies improve their fundamentals of vulnerability patching, multi-factor authentication, and inventorying and monitoring of critical assets.

The panelists also discussed how cloud computing, software-as-a-service, and the internet of things add to both the urgency and complexity of cybersecurity automation.

 

Moderator

Federal Drive host Tom Temin

Tom Temin, Federal News Radio

Tom Temin has been the host of the Federal Drive since 2006. Tom has been reporting on and providing insight to technology markets for more than 30 years.  Prior to joining Federal News Radio, Tom was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines. Tom also contributes a regular column on government information technology.

 

Panelists

Leo Scanlon, Senior Advisor for Healthcare and Public Health Sector Cybersecurity, Office of the CIO, HHS

Leo Scanlon is the HHS Senior Advisor for Healthcare and Public Health (HPH) Sector Cybersecurity and the Deputy Chief Information Security Officer for the Department of Health and Human Services.  He serves as chairman of the HHS Cyber Security Working Group, which coordinates cybersecurity collaboration between HHS Operating Divisions and their partners in the private sector. He is the executive sponsor of the HHS Healthcare Cybersecurity Communications and Integration Center (HCCIC). The HCCIC supports cyber threat and indicator sharing across HHS Operating Divisions, DoD and civilian agency partners, and healthcare cybersecurity stakeholders in the intelligence and law enforcement communities, and the National Health Information Sharing and Analysis Center (NHISAC).

Leo has worked at the interagency level as a co-chair of the Identity Credential and Access Management sub-committee of the Information Security and Identify Management Committee (ISIMC), and as a tri-chair of the ISIMC.  He is co-chair of the Government Advisory Council of the International Information System Security Certification Consortium (ISC2), and government chair of the ACT-IACT Cybersecurity Community of Interest.

 

Dr. Ray Letteer, Chief, Cybersecurity Division, United States Marine Corps

Dr. Letteer is the Marine Corps Senior Information Security Official (SISO) and the Chief of the Cybersecurity Division of the Command, Control, Communications, and Computer (C4) Department at Headquarters, U.S. Marine Corps. As such, he is responsible for and oversees all Cybersecurity (CY) tasks, standards, and conditions within the Marine Corps, which includes Computer Network Defense (CND), Defensive Cyber Operations (DCO), Public Key Infrastructure (PKI), Electronic Key Management Systems (EKMS), and Certification & Accreditation (C&A).

Dr. Letteer serves as the appointed Approving Official (AO) for the Marine Corps Enterprise Network (MCEN), which includes all networks and networked systems whether in garrison or tactically deployed. He is also the Functional Area Manager (FAM) for Marine Corps EKMS/KMI/PKI issues.

 

Tony Hubbard, Principal, KPMG

Mr. Hubbard has spent 25 years providing cybersecurity consulting services to the Federal Government. He currently leads KPMG’s Federal Cybersecurity practice supporting the Defense & Intel communities as well as Federal Healthcare and Civilian agencies with a wide range of cybersecurity services, including identity access management support and cyber governance, among others. Mr. Hubbard has authored articles and spoken widely on Federal Government cyber challenges and opportunities. He received his Bachelor’s degree from Shepherd University, and is a Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA).