by clicking on the page. A slider will appear, allowing you to adjust your zoom level. Return to the original size by clicking on the page again.
the page around when zoomed in by dragging it.
the zoom using the slider on the top right.
by clicking on the zoomed-in page.
by entering text in the search field and click on "In This Issue" or "All Issues" to search the current issue or the archive of back issues respectively.
by clicking on thumbnails to select pages, and then press the print button.
this publication and page.
displays a table of sections with thumbnails and descriptions.
displays thumbnails of every page in the issue. Click on a page to jump.
allows you to browse through every available issue.
GCN : April 2014
Full 10 question interview online at: GCN.com/2014StandCybersecurity With the rise in zero-day threats cyber can't be business as usual QInnovation is key to developing effective security solutions, so what's being done in both government and industry to promote that, and to fund new initiatives? How can these efforts be improved? AThere are a lot of groups doing good work across the government arena. For example, In-Q-Tel, an independent, not-for- pro t rm that provides venture capital to companies developing technology that could aid the intelligence community. And the DHS (Department of Homeland Security) has a transition-to-practice group that comes at it from the other direction, looking at innovative solutions developed within the federal government to see if there are tools that industry could turn into commercial products. Another exciting project is Plan X at the Defense Advanced Research Projects Agency. This program brings together experts from universities, the defense industrial base and private industry to do research that supports the development of cyberwarfare platforms. There has also been a lot of innovation in the security industry in recent years, where technology is catching up with the evolving breed of cyber threats. The industry has seen the emergence of next-generation security technology (aka next- generation rewalls) and advanced threat protection appliances. So now, government is doing more in the cybersecurity area and we're pleased with how they're guiding cybersecurity innovation across the U.S. QRisk management is an oft- used phrase in cybersecurity today. What does it mean to you, and how well do agencies understand it and practice it? A Ultimately, risk management is about data. You need to identify your critical data, and you need to understand what the impact would be if that data were compromised. Impact is a critical distinction. An organization might have a security solution that catches x number of attacks a day. But most of those attacks will be the type of malware that is being broadcast across the Internet. On the other hand, there is the hacker targeting a procurement of cer in charge of a major contract award -- perhaps hoping to gain a competitive edge by reviewing the bids submitted by other companies. If successful, that one attack could have a much bigger impact than the other 9,000 combined. This is a primary reason why agencies need to adjust their thinking. Yes, it is critical to provide the security infrastructure to protect the enterprise. But they cannot protect everything -- and they will in fact be compromised at some point --- so they need to understand the risks associated with their different datasets and manage them accordingly. Sponsored Content Tony Cole Vice President and Global Government CTO FireEye, Inc. "Agencies cannot protect everything, so they need to understand the risks associated with their different datasets and manage them accordingly."