Highlights from the 2010 Symantec Government Symposium

The annual Symantec Government Symposium convened in Washington, DC on June 22 with a singular message: there can be no comprising the openness, security and ubiquity of cyberspace and our complete connectivity to it.

The morning began with a technologically appropriate audience participation exercise. Gigi Schumm, vice president and general manager of Symantec’s public sector division, asked attendees to answer three poll questions, via text message, to gage the audience’s opinion on the most pressing cyber security issues today.

The first question Schumm posed was, has the state of cyber security improved over the past 12 months. 55 percent of the attendees believed it had not, while 45 percent believed it had. Schumm then asked, what is the biggest threat to cyber security today. Although 40 percent of the audience chose hostile nations, 39 percent believed the biggest threat stemmed from a lack of a federal approach to cyber security, while 21 percent indicated organized crime was the most dangerous. Schumm’s final question was regarding who or what has the biggest impact on cyber security in the United States today. The audience determined industry to be the most influential over the White House, the Office of Management and Budget, Congress, the Department of Defense (DoD) and the Department of Homeland Security (DHS). The poll was revealing, to say the very least.

The daylong event at the Ronald Reagan Building & International Trade Center was filled with informative and engaging speakers from all walks of private and public life.

Howard Schmidt, the cyber security coordinator in the executive office of the President, and Major General Suzanne Vautrinot, the director of plans and policy for the newly established U.S. Cyber Command, used their time on stage delivering keynote speeches during breakfast and lunch, respectively, to emphasize the nation’s complete and total dependence on cyberspace, the dire necessity to ensure it’s security and the ways in which the government – both civilian and military officials alike – are working towards that goal.

“We’ve been dealing with cyber security issues for years,” Schmidt noted.  “But it’s not perfect.”

Schmidt focused on the importance of creating a better online experience for the end-user, not by “making them a security expert,” but by providing “education and awareness.

“We have to ask ourselves, how can we make privacy better? … [And] are we committed to making security a part of what we are doing everyday?”

Vautrinot agreed that cyber security was a crucial, and not just for civilians.

“We are only as strong as our weakest leak [because] we all touch the network.”

Vautrinot pointed out that the military took note of the president’s “call to arms” when he made cyber security not only a national security issue, but also an integral part of the nation’s defense strategy.  She emphasized that to ensure security, there must be “a change in culture, a change in conduct and a change of capabilities.

“We must change the way we think,” she said, “the way we operate and the kinds of technology we bring to bear."

She also pointed out that the creation of the Cyber Command, as well as the military’s decision to designate cyber space as a “domain” – which determines the rules, regulations and technology used to function within it – has been, and continues to be, essential in guiding the military’s strategy to secure and employ cyber space in defense of the nation against criminals, hackers and enemy states – or the worse case scenario – a union of all three.

“That’s what we saw in [the 2008 war between Russia and] Georgia,” the Major General pointed.

“This is why the military mentality of responsibility in cyberspace is crucial,” she said. “We cannot separate defense and the defense of cyber space…  [Because] all domains depend on cyberspace.”

Throughout the day, five tracks convened around the issues of standards and directives, government services modernization, critical infrastructure, the horizon and the threat landscape. Insightful speakers were at them all.

Talking about smart grid technology, Annabelle Lee, a cyber security strategist at the National Institute for Science and Technology (NIST) told the packed room, “Reliability is number one [and] cyber security supports reliability.”

“Systems will be compromised and they will break,” Lee said. “And that must be built into the system.

“Standards are important, making sure that all agencies and organizations work together without conflicting standards or gaps,” she added.

In a panel entitled, “Cyber warfare, cyber espionage or cyber crime: what is the difference?” Trent Teyema, the deputy director of the National Cyber Investigative Task Force at the FBI painted a scary picture of the capabilities of our enemies in cyberspace.

“The tools and technique are the same,” Teyema said. “It’s the level of sophistication that they use.”

Andrew Bonillo, from the U.S. Secret Service Cyber Intelligence Division, added to the frightening portrait of the nation’s enemies in a panel entitled, “Gray market economy: fueling the threat.”

“There is a “slow bleeding” occurring on networks,” he stated. “One hacker told me that they have accessed approximately 75% of the world’s credit cards… These are highly talented people working very hard to be criminals,” he added.”

Meanwhile, the sessions’ moderator, Dean Turner, the director of Symantec’s global intelligence network, defined the landscape in which these malicious cyber criminals operate.