|
If you blinked, you might have missed it. Nestled back in September’s headlines, there was a little news item that indicates how much the world has changed. In the face of new cyber threats, the U.S. government took an important first step toward getting hacking under control: they announced that Gregory Touhill, a retired Air Force general, would be their first-ever cyber security chief.
While it may look like a cosmetic change or a publicity stunt, this is actually a sea change in government policy. It shows that cyber attacks are growing more common and more serious and that the government views them as a serious threat to national security. All About Gregory TouhillGregory Touhill served for many years as a Brigadier General in the U.S. Air Force, before he eventually retired from the military and moved into public service in a civilian capacity. As a general, he was the director of Command, Control, Communication and Cyber (C4) at U.S. Transportation Command at Scott Air Force Base. He also has worked as a private cybersecurity consultant and written an influential book on cybersecurity. Touhill previously worked as a deputy assistant secretary for cybersecurity at the Department of Homeland Security. But the creation of a new office — and his promotion into it — shows that the federal government is making a new commitment to cyber safety in a dangerous era. There’s been very little announced since Touhill was appointed to the new position, although intelligence agencies have argued that foreign governments are stepping up their hacking activities. It’s not clear exactly what tasks Touhill’s office will take on, or how he’ll advise his fellow officials, and it’s likely that we’ll see these things take shape over the next several months, but the government has stated that Touhill will be serving as “federal chief information security officer.” He will be focusing on “cybersecurity policy, planning and implementation” and will focus on protecting government systems and “critical infrastructure” from attack. In performing this task, he’ll be coordinating closely with intelligence agencies, the Department of Homeland Security, state governments and other governmental bodies. A Changing WorldThe Obama administration has taken several important steps to show its commitment to cybersecurity, and it’s undoubtedly been one of the first administrations to understand the importance of information security in general. For instance, it’s established the Commission on Enhancing National Cybersecurity, which has brought together experts from the public and private sectors to brainstorm, research and provide advice to government officials about what important cybersecurity measures the government can take to protect both public and private interests. Another key step has been the implementation of the Information Technology Modernization Fund, or ITMF. This $3.1 billion fund allocates resources toward the modernization of government information technology infrastructure, including upgrading serviceable infrastructure and out-and-out replacing infrastructure that can’t be effectively modernized. Finally, the government has implemented the Cybersecurity Strategy and Implementation Plan (CSIP) as well as the Federal Cybersecurity Workforce Strategy. While most of the government’s cybersecurity efforts to date have focused on U.S. military and intelligence systems, these two initiatives work together to attempt to modernize the cybersecurity systems used by civilian federal employees. Security might not seem as vital to civilian jobs as they are to military ones, but federal employees deal with a surprising amount of sensitive information, and if this information is left unsecured, it can do serious damage to our national security as well as individual civilians’ lives. {{cta(‘f8ec6ca5-05c8-45c7-95a2-742f6634171a’)}} The First Government Cybersecurity OfficerThe government isn’t known for its speed, and its convoluted bureaucracy makes it one of the last organizations to adapt to a changing world. Sure enough, cybersecurity has been a serious geopolitical issue for the past ten or twenty years, as both private individuals and foreign governments step up hacking efforts on government agencies, businesses, and private individuals. Even with mounting reports of cyberattacks from Russia and China, the White House probably took two years to consider the merits of a cybersecurity officer before finally settling on Touhill and announcing their decision to the press. And yet even though the U.S. government has chosen a cybersecurity officer, many businesses are still left in the dust. They don’t have a cybersecurity plan, and may have never even run the threat assessments and other tests that identify dangerous vulnerabilities in their systems. For many organizations, it’s as though they’re waiting to be attacked before they take action — and then it’s too late. But your organization’s cybersecurity doesn’t have to be a nightmare. When you partner with a company like Garland Heart, we work with you to assess your organization’s needs and vulnerabilities and shore up your cyber weaknesses to create a comprehensive security plan. It’s easy to get started. Our free test asks you some basic questions about your financial institution and works as a good initial assessment of your organization’s cybersecurity. And when you’re ready to take the first steps to protect your business and its data, consult our website or contact us for detailed information about our information security services. |
