Federal Times caught up with Suzanne Spaulding, Homeland Security undersecretary for the National Protection and Programs Directorate, while at the 2016 RSA Conference to talk about why she and other feds made the trek out to San Francisco, what they're learning at the show and what they want to say to industry.

Why does DHS go to big cybersecurity conferences like RSA?

We thought it was really important for the Department of Homeland Security to be here. For a number of years now we've been coming to this conference and we do so for a number of reasons.

One is to make sure we understand the innovation and the trends that are happening in this very important area of cybersecurity solutions and cybersecurity technology because we need to benefit from that innovation and that technology.

It's also important to us that the folks out here and across the country that are working in that innovative field understand what we do and the role of the department in protecting particularly the .gov space but also working to protect critical infrastructure and private sector cybersecurity.

And then, third, we'd like to recruit some more of the best and the brightest to fill our ranks.

What trends have you seen at the conference so far that have piqued your interest?

There are all kinds of things that are happening out here that are very interesting to us and important to us. We have developed for the .gov space an important platform called Einstein that we hope to continue to build by adding innovation, innovative products and developments from the private sector.

Similarly, out Continuous Diagnostics and Mitigation program, which looks at the health of the network and who's on the network from the inside is really bringing into the government technologies and products produced by the private sector.

So the kinds of things folks are talking about out here — the innovative approaches to achieving scale, for example, how do we make sure the things we're doing we can do on a scale that matches our adversary; the speed with which our adversary is moving; the ways in which we have to be able to learn, do machine learning; be able to recognize things we've never seen before. This is work that we're undertaking at the department and we're benefiting from some of the innovation out in the public sector.

What are you telling industry while you're here?

We want industry to know that we are very interested in not competing with the private sector. But in collaborating with the private sector — mostly in benefiting from the kinds of innovation and technology that's being developed out here.

We want to make sure they understand the challenges we're seeing in trying to bring both tools and techniques to the civilian government space but also in helping the private sector do better risk management.

And I'm pleased to see out here that there's a lot of talk about the recognition of the need to move to a risk approach and a mission-based approach to cybersecurity.

How do you motivate people to join the government when the private sector offers much higher salaries?

In terms of building the cyber workforce, I've been talking for some time now with my colleagues in the private sector about working together to both put resources into building that pipeline. Going to colleges and universities to make sure that we're appealing to students to go into cybersecurity but also providing some resources to help there.

The deal that I make with the private sector is: I'll hire them right out of school and we'll give them on-the-job training for a few years, then you lure them away with a bigger salary, more money. And then when they've put their kids through college, they'll miss the mission and they'll come back to us.

That's the way we're going to have to begin to think about our workforce, which is different for the government. Not getting someone in and keeping them for an entire 30- or 40-year career.

Aaron Boyd is an awarding-winning journalist currently serving as editor of Federal Times — a Washington, D.C. institution covering federal workforce and contracting for more than 50 years — and Fifth Domain — a news and information hub focused on cybersecurity and cyberwar from a civilian, military and international perspective.

Share:
In Other News
Load More