A Call to Cyber Arms

By Maryann Lawlor
SIGNAL Scape
The official blog of
AFCEA International
and SIGNAL Magazine
12/02/09

Sherri Ramsay, director of the NSA's Central Security Service Threat Operations Center, opened AFCEA's SOLUTIONS Series today by admitting that the intersection of cyber, national and economic security has changed the way her organization interacts with industry. Citing statistics that cybercrime has cost individuals more than $2 billion, Ramsay called for shared network situational awareness across the U.S.
government, industry and individuals. This holistic approach must include information about who owns, operates and defends the networks, she said.

"Cyberspace at the Cross Roads: The Intersection of Cyber, National and Economic Security," is the third in this year's SOLUTIONS series of forums and is taking place December 2-3 at the National Conference Center. The event features presentations by military and government leaders as well as three tracks of panel sessions that are designed to prompt discussions among attendees.

Despite the need for a holistic approach to cybersecurity, Ramsay acknowledged that determining how to do it poses many challenges. She related that while discussing cyber defense with her counterparts in New Zealand, she described the change in tactics as the difference between playing football and playing soccer. While the former involves offensive and defensive teams taking the field separately, the latter calls on offensive players to go on the defense as soon as possession of the ball changes sides. The New Zealanders agreed that a change has taken place but said that cyber defense today more resembles rugby.

Ramsay called on government, industry and individuals to be more proactive in their part of cybersecurity. To this end, the NSA now uses the term "Team Cyber" every day to describe how it is enacting cyber defenses. Members of the team include the government, industry and academia to such an extent that the NSA has actually brought antivirus vendors into the same room with government network defenders to observe networks under attack. The vendors were then given the information and signatures they would need to improve the next version of their products.