In his opening keynote to members attending this year’s (ISC)2 Security Congress in New Orleans, CEO David Shearer talked about the resilience of the city in the aftermath of several hard-hitting natural and human created disasters noting, “It’s hard not to be inspired by the resiliency of this region.”
Using New Orleans as a model for resilience, Shearer said, “In my experience resiliency to respond to complex challenges is directly linked to a thorough understanding or a holistic view of the challenges you are likely to face." Shearer also commended the first responders of the region for having a deep understanding of their missions – dealing with bad situations and responding appropriately to the unpredictable.
Addressing the audience of cybersecurity professionals, Shearer said it is equally as important that, like first responders, experts in the industry do not approach their work through fear, uncertainty and doubt. “They plan for it, they drill for it, they are ready for it. It’s ingrained in what they do and who they are. We need to have a similar mentality about the growing threats we face,” Shearer said minutes before introducing Louisiana congressman Cedric Richmond.
Rep. Richmond, who currently serves on the House Committee on Homeland Security and the House Committee on the Judiciary, validated the need for planning and preparation in noting, “This conference comes at a pivotal time in our nation’s history and future. The secretary of Homeland Security recently warned that the next attack the magnitude of 9/11 won’t involve airplanes. It will be a cyber-attack.”
Systems at all levels are under attack at all times, Richmond said, which has provoked local, state and national conversations about what is needed to protect the economy and preserve the American way of life.
“First, federal, state and local governments must be structured and funded to properly protect against, investigate and remove malware on their systems and to serve as effective cyber-defense partners with the private sector,” Richmond said.
Advocating that the industry look to candidates with nontraditional backgrounds, the congressman also said, “We need a robust cybersecurity workforce to support both the private and public sectors.”
Educating the public on good cyber hygiene and building partnerships between the private and public sector will also help to advance the understanding of why cybersecurity matters. “Although we have made progress in these areas, progress has been too slow and too inconsistent. A game plan has to give everyone clear assignments and responsibilities. If people’s assignments aren’t clear, players and bad actors go uncovered. That’s how you lose a game,” Richmond said.