Technology Sectors

Market Sectors

Expert discusses cyber threats

Tue, 2010-05-11 01:06 PM
By: Melissa Jane Kronfeld
Stringfellow

Robert Stringfellow, President and CEO of Megadata Technology LLC, of Fort Washington, MD, has a unique view of the world. Having spent 12 years in the military and now running a company that provides advanced technology services to government clients, Stringfellow has an exceptional perspective on what keeps us safe – and what puts us in danger.

Stringfellow spoke exclusively with GSN: Government Security News about the most pressing cyber security issues today and what keeps him up at night.

“I am always concerned that we have a lot of security professional personnel that are in it for the money part of it, and not in it for protecting the data, because they don’t even know how to protect their own data,” Stringfellow told GSN. “I worry about the security professionals who go get accreditation just for the money, without a well-rounded background in security. There are a lot of security people out here that are totally inexperienced.”

But inexperienced security professional are not the only problem in his view. An uneducated public has its own set of problems, Stringfellow pointed out.

“A lot of people are looking for easy solutions or using outdated tools or using too many tools that do it for you, without analyzing data and really getting to understand how to analyze information,” he said. “There are too many short-cuts for quick gain. Once you start cutting corners, you will always get the same results in the end.”

In the end, Stringfellow believes, it will be up to the private sector to make cyber-space safe for all users.

“The Internet needs to be regulated. It’s like the NFL. All the teams have to help regulate it. If we get all the big companies to sign on to protect their own data, and set the tone, everyone else will follow. Businesses need to create the rules about how to play the game. If you want to connect with me, and play with me, you’ll have to do so at a certain level. The government shouldn’t be regulating the Internet, they have enough to regulate right now.”

But even without regulation, the government is now confronting some big cyber-security issues including…

Hackers…

“We have hackers overseas and homegrown ones -- they want to even the playing field or just go against the grain. They don’t like what’s going on in terms of policy, so they hack the Pentagon or some other government agency and it’s just for notoriety. It’s mostly about self-promotion, street credibility. They are marketing themselves.”

Cloud computing…

“Cloud computing is great for usability and performance. It’s the best way to go. Does it put us in a prickly situation with security? Yes. That’s always going to be my concern. If you play into an unregulated game -- an unregulated cloud where people may not be playing fair – it’s always a dangerous way. You might open yourself up to -- or make yourself susceptible to -- attack.

And cyber-warfare…

“With war, you’re always going to attack communications first. That way, information cannot be disseminated. That’s a classic tactic of the U.S. military. So, yes, I believe cyber-war will increase. There is a lot of probing going on regarding people trying to figure out where they can be the biggest nuisance.”

Stringfellow imagines the worst cyber-security catastrophe would be aimed at our nation’s financial system.

“If someone could inject a worm or virus into the infrastructure and it was able to actually bring down the financial mainframes and computers, that would be the worst case scenario,” he said. “The rule of America is money. If they could bring down the financial system, it would be a low point. Followed by communications -- if we don’t have money and we can’t talk, it would create panic, that would be a nightmare.”

But Stringfellow stays focused on more likely threats, like those that result from the rise of telecommuting for work.

“With more people working from home, they have to be able to link to the systems infrastructure,” he told GSN. “So, we have to consider what we keep off the grid. But, if you’re going to plug into the infrastructure and it’s unregulated, people won’t play fair. Anything that can be engineered can be re-engineered. We are so plugged in. If the Web shut down, we would have mass panic, and it would definitely bring us to a halt.”

Tags:
 
  • Share/Save
  • Email this page
  • Printer-friendly version
 

Recent Videos

GSN 2011 Awards Dinner and Sponsor Interviews: John Clark, President and CEO, The Whitestone Group
It's been a banner year for the Whitestone Group, according to John Clark, CEO of the facility security, asset/force protection and investigations...
GSN 2011 Awards Dinner and Sponsor Interviews: Jeff Horne, Practice Manager, Malware Solutions, Accuvant Inc
Jeff Horne explains that Denver, CO-based Accuvant , Inc has two different businesses – the Value Added Reseller (VAR) side, in which it is one of...
GSN 2011 Award Winners and Sponsor Interviews: Dave Natelson, President, Nasatka Security
GSN caught up with Dave Natelson for a quick interview at the Cocktail Reception at the 2011 Awards Dinner, before he learned that Nasatka had earned...
GSN 2011 Award Winners and Sponsor Interviews: Ann Pickren, VP Solutions, MIR3,Inc
Ann Pickren discusses MIR3’s Mass Notification System that was awarded a Winner’s Trophy in GSN’s 2011 Homeland Security Awards Program. She explains...
GSN 2011 Awards Dinner: Presentation of 1st Annual GSN/Raytheon Award for Distinguished Leadership and Innovation in Public Safety and Security to Admiral Thad Allen, former USCG Commandant (Ret.)
Former Coast Guard Commandant Thad Allen, who served through a long and distinguished career in the United States Coast Guard and later answered the...
More Recent Videos

Upcoming Events

Event Details Dates of Event
SANS Monterey 2012 Jan 30 - Feb 4
2012 Adobe Government Assembly Feb 8
SANS Phoenix 2012 Feb 13 - 18
SANS Secure India 2012 Feb 20 - 25
The Airport Law Enforcement Symposium Feb 23-24, 2012 Feb 23 - 24
Physical Security: Introductory Applications and Technology Feb 27 - Mar 1
Conducting Corporate Investigations Feb 27 - 28
ISC CHINA 2012 (International Security Conference & Exposition CHINA) Feb 27 - 29
RSA Conference 2012 Feb 27 - Mar 2
SAP Public Sector Partner Exchange Feb 28 - 28
SANS Secure Singapore 2012 Mar 5 - 17
SANS Germany 2012 Mar 5 - 10
Homeland Security Finance Forum 2012 Mar 6 - 6
Basic Hands-On CAMEO Training Mar 12 - 14
ASIS Assets Protection Course: Principles of Security (APC I) Mar 12 - 15
SANS Mobile Device Security Summit 2012 Mar 12 - 15
Aviation Week's Innovation Challenge Showcase Mar 13 - 14
Symantec Government Technology Summit Mar 20 - 20
STI at SANS 2012 Mar 23 - 30
SANS 2012 Mar 23 - 30
The 9th Two Day Conference On Indian Medical Devices & Plastics Disposables Industry 2012 Mar 23 - 24
SANS Northern Virginia 2012 Apr 15 - 20
Active Shooter Apr 18 - 19
SANS AppSec 2012 Apr 24 - May 2
SANS Cyber Guardian 2012 Apr 30 - May 7
Telework Exchange Spring 2012 Town Hall Meeting May 2 - 2
5th Sample Prep - Sample Preparation for Virus, Toxin, & Pathogen Detection & Identification May 3 - 4
SANS Security West 2012 May 10 - 18
SANS Toronto 2012 May 14 - 19
Counter Terror Expo US May 16 - 17
CEIC 2012 (Computer and Enterprise Investigations Conference) May 21 - 24
SANS Rocky Mountain 2012 Jun 4 - 9
Data Center Brainstorm 2012 Jun 19 - 19
SANS Forensics and Incident Response Summit 2012 Jun 21 - 27
Vanguard Security & Compliance 2012 Jun 25 - 28
SANS Canberra 2012 Jul 2 - 10

Full 2011 Calendar