By Lois Kirkpatrick
“There’s a trillion-dollar anti-virus industry, but are you feeling any safer?” Riley Repko asked the business leaders, educators and county officials who attended “Cyber Security: The Ultimate Man-Made Partnership” hosted at Neustar in Sterling, VA.
Repko, the CEO of Trusted Cyber Solutions, moderated a panel of cyber security experts convened for this event, which was cosponsored by the Loudoun County Department of Economic Development and the Loudoun County Chamber of Commerce.
The panel agreed that the primary threat to cyber security in the U.S. today comes from human error.
“The vast majority of the problems we have today are from phishing,” stated “Rick Tracy, chief of security at Telos, a Loudoun-based cyber security company. “Programming people to do things properly would go a long way [toward helping cyber security].” Tracy said the majority of security breaches faced by corporations are “completely avoidable.”
Yong-Gon Chon, the CTO for SecureInfo, agreed that the main security issue “comes back down to people … There has to be a culture change.”
John Toomer is the director of Intelligence, Information and Cyber Systems for Boeing, which he said has the sixth-largest private network in the world. Toomer said the question is, “How do you soldier-proof the system?” meaning, how can system operators mitigate the threat of human error.
Toomer explained that there are 18 key industries – including transportation, finance and health care – that participate in Information Sharing and Analysis Councils. These ISACs have formed strategic collaborations to address threats to cyber security.
Small businesses factor into Boeing’s security management efforts. Toomer explained that Boeing projects involve a wide range of manufacturers, including a “mom and pop business in Arizona” that makes a key component of Apache helicopters. Companies must employ supply-chain management to ensure end-to-end security, Toomer advised.
Randy Fort is the director of Corporate Programs Security at Raytheon. He explained that the private sector is at the forefront of technical innovation, and is taking the lead on creating cyber security solutions. Although the federal government is working on policies and programs to address threats, it’s not as nimble as the private sector.
As an example of the gap between government agencies and the private sector when it comes to technology, Fort explained that it takes DoD on average 81 months to make a computer system operational after first funded, while it took Apple only 24 months to take the iPhone from idea to production.
Loudoun’s cyber security event attracted a number of small business owners seeking information about how to do business with companies such as those represented by the panel. Yong-Gon Chon explained that past experiences with small businesses have caused some corporations to view them as having a hand-out mentality. “Don’t do this,” Chon advised. Instead, “bring a solution to the table. Have something unique to offer.”
Repko stressed the importance of small businesses to cyber security, naming them as part of the three-legged stool that includes the government and large defense contractors. He recommended what he called “The One-to-Many Approach.” He said that small business owners should find industry groups such as the ISACs mentioned earlier, and arrange an opportunity to make a pitch to the group as a whole.
Boeing’s Toomer advised small business owners to get themselves on the list of vendors who can compete for contracts.
At the conclusion of the event, Loudoun’s Interim Business Development Officer, Steve Hargan, revealed that the cyber security event was just the first of several similar events that would be offered to the business community by the Loudoun County Department of Economic Development. Upcoming events will be announced on this website, as well as through the department’s Twitter, Facebook and LinkedIn sites.
