DOVER — Secretary of Homeland Security Jeh Johnson says the U.S. is in the midst of a cyber conflict right now.
The National Cybersecurity and Communications Integration Center (NCCIC), which exists within the Department of Homeland Security to be the sole portal for the receipt of cyber threat indicators for the federal government, received 145,566 reports of cyber attacks last year alone, he said.
“Cyber attacks on this nation occur daily and hourly,” said Sec. Johnson. “There is no ‘cyber threat’, the actual attacks are already here. The need for cybersecurity is here and the need to continually build stronger cybersecurity is here right now.”
Sec. Johnson was invited by Sen. Tom Carper, D-Del., on Monday to hold a “cyber security conversation” at Delaware State University. The well-attended event drew Sen. Carper himself and outgoing Gov. Jack Markell.
Jack Markell
Echoing Sec. Johnson’s sentiments, Gov. Markell pointed out that cyber security assaults are dealt with regularly on the state level as well.
“The topic of cybersecurity could not be more important in terms of our own personal affair and state affairs,” said Gov. Markell. “We have so many infiltration attempts on a daily basis, it’s mind-boggling. Staying one step ahead of those who would do us harm is extraordinarily difficult work. Sometimes the greatest threat is looking back at us in the mirror — those of us who are not as careful as we should be with our passwords and doing the things we need to do in term of our safety.”
Sec. Johnson pointed out that some of the most nefarious cyber attacks do, indeed, have their roots in a lapse in good judgment.
“The most sophisticated and devastating attacks launched very often originate with a very simple act of spearfishing,” he said. “This is where someone on your faculty or in your student body opens an email that they shouldn’t have from someone they didn’t recognize and clicks an attachment.”
Above all, he stressed user awareness as one of the key weapons against cyber attacks. He also laid out a number of initiatives underway by the Department of Homeland Security that are being used to boost cybersecurity on a national level.
“We’re deploying something across the entire federal government something called Einstein 3A (E3A),” he said. “It has the ability to block and prevent cyber intrusions into our federal system. We set a timetable for us to have that system available last year and we met that time line. We’ve set a time line to have the rest of the federal government using it by the end of the year.”
According to DHS, they deployed E3A to enhance cybersecurity analysis, situational awareness, and security response. With E3A, DHS will not only be able to detect malicious traffic targeting federal government networks, but also prevent malicious traffic from harming those networks. This is accomplished through delivering intrusion prevention capabilities as a Managed Security Service provided by Internet Service Providers (ISP).
Under the direction of DHS, ISPs will administer intrusion prevention and threat-based decision-making on network traffic entering and leaving participating federal civilian Executive Branch agency networks.
As he concluded his presentation, Sec. Johnson took the opportunity to tell DSU students that their government needs them.
“We need good cyber talent,” he said. “We need capable, competent and energetic cyber talent to come work with us, whether it’s in the department of homeland security or other agencies. In July, DHS launched our first cyber and technology job fair over a period of two days. We had 14,000 applicants, we interviewed 800 people Online and made 400 offers. Just from that job fair, we already have 120 new people on board.”
The DSU event, which was also a job fair centered on employment and education in the cyber security field, was free and open to the public. The job fair portion of the event included a discussion panel moderated by James Collins, chief information officer of the State of Delaware.
Representatives from the U.S. Department of Homeland Security, the Delaware Department of Information Technology, as well as private companies manned booths outside the student center after the presentation to field students’ questions.
The discussion panel featured Ian Bromwich of Barclays Bank, Peter T. Edge of Homeland Security Investigations, Elayne Starkey, the Chief Security Officer for the State of Delaware and Dr. Marwan Rasamny, the Associate Professor, DSU’s Computer and Information Sciences. The consensus of answers to questions given from the crowd and moderator seemed to indicate that cyber security is a boom industry badly in need of talent. That idea seemed to hold true in both the private and public arenas.
“There are enough technology jobs to go around in the government and private sector, my understanding is there is 0% unemployment rate in IT,” said Mr. Collins. “If I was thinking about what to do in the future, I’d be thinking about IT.”
In a panel question about the job opportunities for cyber security and IT professionals in the private sector, Mr. Bromwich said the need is both rising and continuous.
“The opportunity for employment is huge and we are actively recruiting,” he said. “Our budgets have gone up 20-25% year-on-year. New threats keep coming too, it’s not like you can fix the security issues and you’re done. We’re hiring across the board.”