Page 11 - index
P. 11
Where and when appropriate, and without unnecessarily or inappropriately revealing or exposing
proprietary information or other findings that may be classified or otherwise not appropriate for
public dissemination, it would be useful to prepare an unclassified version of the after action report
that would be a useful tool to practitioners across the stakeholder community and would include
information about what tactics, techniques, and procedures were utilized by the adversary and what
protective measures, had they been in place, might have prevented or reduced the impact of the
event. Learning from real-life experience is a powerful tool to help inform cyber risk management
plans and practices. Leveraging the tremendous capabilities of the FBI, Secret Service, and other
components of the government to provide useful lessons learned to the stakeholder community
would not only raise awareness, but also contribute to informing users and practitioners about
priority approaches for managing risk across their own environments.
The 2015 CISA along with other pending legislative measures are important arrows in the quiver of
cybersecurity protection and preparedness. Learning from the functional and operational
capabilities utilized every day by the National Weather Service and the Centers for Disease Control,
and applying those lessons to building a comprehensive and scalable national operational capability
that will improve our collective capability to detect, prevent, mitigate, and respond to cyber events
will enhance our national cyber protection profile and make it more difficult for the bad guys to
achieve success. Combining these activities with a comprehensive and sustained national
education and awareness, driven by public and private sector collaboration, to teach users how to
better protect themselves in cyberspace, will improve cyber hygiene and raise the bar of cyber
protection.
October is Cybersecurity Awareness Month and there will be even more attention by the media,
policy makers, business leaders and more to raise awareness about cyber risk and our shared
responsibility for assessing and managing that risk. Let us leverage that attention to produce more
tangible and meaningful action. Working together in a collaborative manner among all stakeholders;
public sector, private sector, academia, non-profits, and many more, we can make a difference in
addressing the evolving cybersecurity challenge. Let’s get to it…
About the Author
Bob Dix is Vice President for Global Government Affairs and
Public Policy at Juniper Networks. He was Chair of the Partnership for Critical
Infrastructure Security from 2011–2014 and chaired the Information Technology
Sector Coordinating Council from 2008–2009. He has been an active industry
leader in efforts to improve cybersecurity and critical infrastructure protection for
more than 10 years. He served as Staff Director for the House Subcommittee on
Technology & Information Policy during the 108th Congress.
11 Cyber Warnings E-Magazine – September 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
