By Taylor Markey
A former director of the National Security Agency Threat Operations Center spoke May 1 on the state of cybersecurity during a lecture at this university.
“The real issue is the threat is growing … I’m not here to scare you,” Dan Ennis said. “I’m here to just tell you my context having been in NSA, having been in private sector and why there’s a business here.”
The lecture, titled “Today’s Strategic Cyber Challenge,” was the final one of the semester in the Whiting-Turner Business & Entrepreneurial lecture series. It look place in the Stanley Zupnik Lecture Hall of the Jeong H. Kim Engineering Building.
Ennis is the global head of advanced threat intelligence at BlueVoyant, a cybersecurity firm. He is also the executive director of the Cybersecurity Institute at this university.
Ennis said the U.S. government, as powerful and as smart as it is, is not scaled to the cyber challenge that has existed in the private sector.
“Every day we are seeing cyber penetrations of our networks and every day the real focus … is our economy,” Ennis said.
He said it was kind of expected that nations are growing their capability, but what he didn’t expect was the bigger challenge of the growing sophistication of cybercriminals.
“And that’s helped along in a couple of ways. One, just like nation-state actors, cybercriminals understand now that rather than invest in things like smuggling, drugs, etc. there’s money to be made in cyber,” he said.
The government cannot defend us against the penetrations in this space and in many instances does not have the authority to do so, he said.
“Everybody steals secrets … That’s NSA’s job, to go out and steal secrets … and every formed government has entities that do that,” Ennis said. “So I don’t blame people, but how do you defend against it?”
The government has a role to enable the private sector entities to get stronger, he said.
Ennis talked about the use and creation of organizations to prioritize the focus of private sectors.
“The fact is if you’re not prioritizing, whether it’s in cyber or within life, well, you’re not going to be effective,” Ennis said.
He also talked about how most software written today is not built for cyber protection. The role of the government is to enable sector-by-sector or by components to build security into these products and to set standards, Ennis said.
He said there are about 300,000 unfilled cybersecurity jobs in the U.S. right now.
“Academia has a role in developing the talent that will be the next generation to fight this problem,” Ennis said.
He stressed the importance of raising cyber awareness.
“Our kids have cellphones and access to the internet at 13. They’re susceptible to cyberbullying but are also susceptible to other … bad stuff,” Ennis said.
A. James Clark School of Engineering Dean Darryll Pines followed up Ennis’s remark by saying most American citizens do not practice cyber hygiene and protect themselves from wherever they are.
“I think it’s important to get people aware,” Rebecca Freerksen, a junior computer science major, said. “Like it was mentioned in here, there’s a lot of people that aren’t aware of what kind of threats there are, or what good cyber hygiene can do. And coming to a talk like this and learning about what threats there are out there, what you can do to stop it, what really goes on in terms of trying to keep people safe is important for people to know and there’s not that many that do.”
Featured Photo Credit:
Taylor Markey is a sophomore journalism major and can be reached at email@example.com.