Listen to this articleThe following interview with Mr. Cesar Pie, President and CEO of CSIOS Corporation, discusses CSIOS’ view regarding the future of Defensive Cyberspace Operations.
“Without question, our most important cyber resource is our workforce; moreover, as we look to build a world–class cyber workforce of the future, maintaining the quality of our cyber workforce is becoming not only our highest priority but also our greatest challenge.”
Q: How would you define Defensive Cyberspace Operations?
A: Simply put, Defensive Cyberspace Operations or DCO is a term primarily used within the Department of Defense (DoD) to describe cyberspace operations intended to defend DoD information systems and networks or other friendly cyberspace.
Q: In your opinion, what is the current state of DCO?
A: The U.S. Government portion of the cyberspace domain is under persistent attacks from nation–state and non–state sponsored advanced threat actors. In essence, the scale of U.S. Government networks has made it a relatively easier target for a growing number of cyber–attacks and exploitation activities which are becoming more repeated, unconventional, aggressive and dynamic. In recent years, U.S. cyber defenders have been challenged to protect an attack–surface that continues to grow rapidly and significantly. Running on what appears to be an endless hamster wheel, we are now, as a cyber nation, coming to the realization that we are basically unable to defend every information system and network against every intrusion as our portion of the cyberspace domain has simply become too large and vast to close vulnerabilities that surface daily. Today’s U.S. cyber defenders are up for the challenge but we must be more strategic in our approach to DCO. In the face of cyberwarfare by a capable adversary, we must out–think and out–smart these actors not try to out–punch them.
Q: In brief, how would you describe CSIOS’ approach to provision DCO services?
A: CSIOS approach for DCO integrates a forward–looking cyber workforce, DCO Framework, and cyber technologies in custom–made–to–measure fashion. Together, our solutions are designed to not only protect and defend an organization’s most important networks, systems, data and information so that they can carry out our missions effectively and efficiently, even in a degraded state, but also to maintain high level objectives of protection, monitoring, detection, analysis, diagnosis, and response–shifting in accordance with the differing attack–surfaces and operational threat environments and classification levels they support.
Recommended: Leafpon Aims To Revolutionize The Industry And Offer A More User-Friendly Approach
Q: You mentioned a cyber workforce, DCO Framework, and cyber technologies. Which one is your most important component?
A: Without question, our most important cyber resource is our workforce; moreover, as we look to build a world–class cyber workforce of the future, maintaining the quality of our cyber workforce is becoming not only our highest priority but also our greatest challenge. To achieve and maintain cyberspace superiority in today’s operational threat environment, CSIOS has developed a new kind of cyber defender who is educated and trained to understand the importance of command, control, computers, communications, and cyber (C5); intelligence; and operations collaboration.
Allow me to explain. Over the past decade and across the nation, standard DCO operator training has been focused primarily on a structurally strong C5 but fragile intelligence and operations foundation. Given the size and complexity of our U.S. Government information systems and networks combined with disparate operational, mission and organizational priorities and functions, achieving effective and efficient DCO of U.S. networks depends on farming a new generation of DCO operators trained to understand the value of C5, intelligence, and operations collaboration and decision making integration.
Q: What could you tell us about CSIOS DCO framework?
A: Our DCO framework seeks to maximize the full range of implemented DCO active and passive cyberspace defense capabilities and investments available to the organization and ensure cybersecurity practices are adopted or reinstated from the outset. Our DCO framework works with, supports, and improves other methodologies, standards, or models such as Capability Maturity Model Integration (CMMI), International Organization for Standardization (ISO), Information Technology Infrastructure Library (ITIL), Control Objectives for Information Technology (COBIT), Agile, DevOps, and DevSecOps; it also integrates IT industry and U.S. Government specific risk management strategies and best practices such as National Institute of Standards and Technology (NIST) and Risk Management Framework (RMF).
In essence, we fuse the abovementioned methods with proven cybersecurity approaches and principles (e.g., defense–in–depth, layered defenses, mission relevant cyber terrain prioritization, attack surface target reduction, domain separation, process isolation, abstraction, resource encapsulation, least privilege, data hiding, modularity, simplicity, adaptation and operational resiliency) and apply our own proven signature for success (i.e., know–what–how–where–why) to achieve the ideal made–to–measure solution recipe and service size for each customer. What’s important to emphasize at this juncture is that larger (at scale), faster, and cheaper is not always better. As an art, cybersecurity quality (over quantity) through the balanced integration of people, technology, and operations is shockingly powerful.
Q: What technology areas is CSIOS currently focusing on to provision its DCO services?
A: At CSIOS, our strategic efforts are rooted in a strong commitment to ongoing research and development, adoption of innovation, and evolution through modernization in order to keep pace with our persistent adversaries. Our immediate future requires an increased focus on automation and big data analytics by harnessing technologies that integrate meaningful and relevant intelligence, operations, and C5 data through machine learning, artificial intelligence, and data science. Equally important, we enrich the abovementioned data with organizational mission and business essential functions, including the implications of the unclassified and classified environments they depend on, as well as the operational threat environment they confront. These elements of big data are of no relevance if unable to be transformed into meaningful information through data visualization that focuses on a joint common operational picture and shared situational awareness environment for command decision support.
Q: Any closing remarks?
A: Over the years, our nation has continued to face cyber–adversaries that are growing in sophistication, capability, motivation, and extreme impudence. Today’s cyber battlefield requires our cyber defenders to fight an uphill battle to maintain superiority against threat actors conducting hacking and cyber–espionage campaigns with precision and stealth–most unconcerned and unafraid of repercussions or retaliation. It is no secret that nations and nation–sponsored groups are competing against one another–some even forming back door alliances to develop offensive and defensive cyber capabilities in the hunt to establish cyberspace superiority. I firmly believe that our immediate DCO future could be different. We could level the playing field through the integration of a forward–thinking cyber workforce, DCO Framework, and cyber technologies in custom–made–to–measure fashion suitable to meet the organizational mission and differing attack–surfaces, operational threat environments, and classification levels they support.
Activate Social Media:
