IT Security Automation Conference Highlights New Security Strategies

IT Conference — IT Security Conference. Photo credit: Ibrahim Dabo.

Day Three of the 5^th Annual IT Security Automation Conference in Baltimore, Maryland, October 26 – 29, 2009, was fully engaged with presentations, keynote, panel discussions, workshops and Expo.

Hager said it is important to make sense of information gathered and put it into action. Report and photos by Ibrahim Dabo

Speakers continued to talk about how information systems can be well managed to adequately deal with attacks from the ‘bad guys,’ risk management, and better decision making.

“If there is information advantage in the U.S., it starts here: it is about the ability to gather, manage, protect vast quantities of information from all kinds of sources,” said Tony Hager, Chief of the Vulnerability Analysis and Operations Group, National Security Agency (NSA).

Hager said it is important to not only make sense of information after it has been gathered but to also take action.

“We don’t want to spend a lot of money on the data gathering point—that’s where we are today,” Hager said. “What we want to find is ways to move that information to where it is needed in a form in which it is needed to allow us to make those kinds of tough choices…”

Hager added that there is a need to figure out the risks and vulnurabilities as soon as possible in order to drive the decisions that have to be taken to the nation in order to protect us.

Hale said we need to be ahead of the ‘bad guys’

Richard Hale, Chief, Communications Information Assurance Engineering & Support, Defense Information Systems Agency (DISA), said he worries about the fragility of our technology, reinforcing the need to be proactive.

“This business of cyber attacking right now is pretty easy,” Hale said. “Attacks are really easy, cheap, [and] scalable. They can be developed fast. ‘Bad guy’ really don’t need a lot of infrastructures.”

Hale said ‘bad guys’ are very agile, and that we have to think about these technology realities as part of a solution.

The Expo was also packed with many organizations showcasing technologies that focus on Healthcare IT, Cyber Security, and other Emerging Secure IT Technologies.