At a recent AFCEA meeting in Tampa, we heard from an amazing panel of cybersecurity experts including
- MAJ GEN John A. Davis, USA (Ret.), Vice President and Federal Chief Security Officer, Palo Alto Networks
- Mr. Nanda Santhana, SVP Cyber Security Solutions and Field Engineering, Securonix
- Mr Drew Epperson, Senior Federal Solution Architect, Intel Security
- Mr Tony Cole, Vice President and Global Government CTO, FireEye
Finding ways to share information about vulnerabilities, threat methods and patterns, and how to take a holistic approach to cyber defense is critical.
In preparing for the Florida GovCon Summit which is March 29-30, I’ve learned so much about the resources we have to protect from cyber attacks. The main vulnerabilities are individual employees and end users who think that someone else is taking care of the cyber side, and that their own slightly insecure online practices don’t matter. We are online constantly. We have all of our devices turned on and using our wireless networks 24 hours a day. We want more ways to listen to music, order books from Amazon using Alexa, and being able stay connected while we walk to our cars in the morning and start immediately with phone calls.
While planning for the Cyber360 panel yesterday, I heard from the team of subject matter experts one constant theme. Lisa Shasteen said it best “this is a team sport. If you don’t have everyone on the team, you can’t perform.” You need to hear from this amazing team:
Lisa Shasteen of Shasteen & Percy: calling in a cyber attorney should be your first step, so you are protected under attorney client privilege and can be guided to take the appropriate steps and make sure everyone on your team understands what is required.
Angel Rojas of DataCorps: usually IT is the first group that starts taking action, but you need to bring in someone who knows how to deal with these attacks, or you are destroying the forensics you need. Immediate tendency is to start restoring backups, but that may not be the right action.
Michael Lipscomb of Loricca: focus needs to be on planning, prevention and preparedness. Putting in systems with controls is part of it, but you have to look across your entire connected systems and come up with integrated solutions and maintenance.
Jonathan Hard of H2L: as federal contractors, there are DFARs requiring cyber controls, and you’re seeing these clauses in your contracts, and required to flow-down to subs. It’s not just security, but also incident response and documented procedures. If you don’t have these systems in place, you will be disqualified.
Michael Ferris of Abacode: implementing a comprehensive, risk-based solution that is scalable and under 24/7 monitoring and control is how you make sure you’re protecting your organization, your clients, and your partners.
Rick Roman of Gulf Coast Insurance: having cyber insurance is critical to the health of your enterprise. Major breaches are occurring constantly, and making sure you’re working with someone who understands the risks and will work with you is important.
Join us at Florida GovCon Summit on March 29-30, 2017 in Tampa. This is just one of ten sessions that will educate you and help you to become a more valued partner in the federal community. Go to govconconference.com to register today.