Expert discusses cyber threats
Robert Stringfellow, President and CEO of Megadata Technology LLC, of Fort Washington, MD, has a unique view of the world. Having spent 12 years in the military and now running a company that provides advanced technology services to government clients, Stringfellow has an exceptional perspective on what keeps us safe – and what puts us in danger.
Stringfellow spoke exclusively with GSN: Government Security News about the most pressing cyber security issues today and what keeps him up at night.
“I am always concerned that we have a lot of security professional personnel that are in it for the money part of it, and not in it for protecting the data, because they don’t even know how to protect their own data,” Stringfellow told GSN. “I worry about the security professionals who go get accreditation just for the money, without a well-rounded background in security. There are a lot of security people out here that are totally inexperienced.”
But inexperienced security professional are not the only problem in his view. An uneducated public has its own set of problems, Stringfellow pointed out.
“A lot of people are looking for easy solutions or using outdated tools or using too many tools that do it for you, without analyzing data and really getting to understand how to analyze information,” he said. “There are too many short-cuts for quick gain. Once you start cutting corners, you will always get the same results in the end.”
In the end, Stringfellow believes, it will be up to the private sector to make cyber-space safe for all users.
“The Internet needs to be regulated. It’s like the NFL. All the teams have to help regulate it. If we get all the big companies to sign on to protect their own data, and set the tone, everyone else will follow. Businesses need to create the rules about how to play the game. If you want to connect with me, and play with me, you’ll have to do so at a certain level. The government shouldn’t be regulating the Internet, they have enough to regulate right now.”
But even without regulation, the government is now confronting some big cyber-security issues including…
“We have hackers overseas and homegrown ones -- they want to even the playing field or just go against the grain. They don’t like what’s going on in terms of policy, so they hack the Pentagon or some other government agency and it’s just for notoriety. It’s mostly about self-promotion, street credibility. They are marketing themselves.”
“Cloud computing is great for usability and performance. It’s the best way to go. Does it put us in a prickly situation with security? Yes. That’s always going to be my concern. If you play into an unregulated game -- an unregulated cloud where people may not be playing fair – it’s always a dangerous way. You might open yourself up to -- or make yourself susceptible to -- attack.
“With war, you’re always going to attack communications first. That way, information cannot be disseminated. That’s a classic tactic of the U.S. military. So, yes, I believe cyber-war will increase. There is a lot of probing going on regarding people trying to figure out where they can be the biggest nuisance.”
Stringfellow imagines the worst cyber-security catastrophe would be aimed at our nation’s financial system.
“If someone could inject a worm or virus into the infrastructure and it was able to actually bring down the financial mainframes and computers, that would be the worst case scenario,” he said. “The rule of America is money. If they could bring down the financial system, it would be a low point. Followed by communications -- if we don’t have money and we can’t talk, it would create panic, that would be a nightmare.”
But Stringfellow stays focused on more likely threats, like those that result from the rise of telecommuting for work.
“With more people working from home, they have to be able to link to the systems infrastructure,” he told GSN. “So, we have to consider what we keep off the grid. But, if you’re going to plug into the infrastructure and it’s unregulated, people won’t play fair. Anything that can be engineered can be re-engineered. We are so plugged in. If the Web shut down, we would have mass panic, and it would definitely bring us to a halt.”
|Event Details||Dates of Event|
|SANS Counter Hack 2013||Nov 7 - 14|
|SANS Pen Test Hackfest 2013||Nov 7 - 14|
|SANS Korea 2013||Nov 11 - 16|
|Military Exports & Compliance Asia||Nov 12 - 14|
|NCT: Counter IED Asia, 12 - 15 November 2013, Bangkok||Nov 12 - 15|
|School Safety Symposium||Nov 13 - 13|
|Southwest Microwave Perimeter Defense Seminar||Nov 13 - 13|
|OWASP AppSec USA 2013||Nov 18 - 21|
|GovSec West Conference & Expo 2013||Nov 19 - 20|
|Southwest Microwave Perimeter Defense Seminar||Nov 19 - 19|
|Oracle 7th Annual Federal Forum||Nov 20 - 20|
|World BORDERPOL Congress||Dec 3 - 4|
|Critical Infrastructure Protection and Resilience Europe||Feb 12 - 13|