“The Christopher Columbus Rule and DHS”
by Mark Weatherford
As usual, here is the official abstract…
“Never fail to distinguish what’s new, from what’s new to you.” This rule applies to a lot people when they think about innovation and technology in the government. At the U.S. Department of Homeland Security, in addition to running the National Cybersecurity and Communication Integration Center (NCCIC), the US-CERT and the ICS-CERT, they work daily with companies from across the globe to share critical threat and vulnerability information. DHS also supports and provides funding for a broad range of cutting-edge cybersecurity research initiatives, from the development and implementation of DNSSEC to sponsoring the use of open source technologies and from development of new cyber forensics tools to testing technologies that protect the nation’s industrial control systems and critical infrastructures. This is not your grandfather’s Buick! Come hear Deputy Under Secretary for Cybersecurity Mark Weatherford talk about research and training opportunities, the growing number of cybersecurity competitions sponsored by DHS, and how they are always looking to hire a few good men and women.
And some notes I took based mostly on my tweets during the talk put together in a slightly more intelligible way… Overall I was very disappointed in this talk… It just seemed like a big recruiting commercial to get people at Black Hat to work for DHS. I guess this is a necessary evil to attract good people though. I did like the connection with this Christopher Columbus rule … DHS is trying to connect with out-of-the-box thinkers (i.e., us) so they can work with them more closely … resulting in them knowing more of what they don’t know. Hence what they think is new is really new and not just unknown.
- Christopher Columbus Rule
- “Never fail to distinguish what’s new from what’s new to you.”
- Relation to DHS
- They are looking for the out of the box type thinkers. Many in the agency are uncomfortable with this.
- Summarized goals of DHS as well as metrics of all their great accomplishments so far.
- Now Mark is playing up to the crowd saying how awesome we are.
![;)]()
- Many people here are ninjas and organizations need them to build their security group around.
- But No One Wants to Work for Government
- So they are working to change their image.
- Big Picture Image Changers: NICE, NSA Academic CoE, NSF partnership, CCDC, career “stop” at DHS before going into private sector – they’re hoping many stay, …
- Employee Level Image Changers: Mentoring programs, rotational opportunities, …
- Goals
- Attract Talent
- Encourage Collaboration across Government & Industry
- Achieve Operational Excellence (basically streamlining things…): Insert bear running reference here. DHS wants to run faster than ???
- 3 Challenges
- Continue Talking about Security Openly (well unless you are the gov; the rest of us should talk openly about it though
![;)]()
) - Do What You Can to Make Security Less Confusing for Average Consumers
- Execute – Automate, Automate, Automate
#####
Were you at Black Hat and saw this talk? What did you think? Let us know in the comments below. Today’s post pic is from BlackHat.com. See ya!