Chip Block interviewed by Cybersecurity TV; Insights on Government Cybersecurity Options
While attending RSA in San Francisco in March 2017, Chip Block was interviewed by Cybersecurity TV’s Trevor Rudolph, COO of Whitehawk.
During the interview, Chip discussed his participation in ACT-IAC‘s cybersecurity panel advising the transition team to the then incoming administration, including technology, cybersecurity, workforce, and IoT.
Government Cybersecurity for the New Administration
Closing the gap in the cybersecurity workforce
Rudolph and Block also discussed ideas on how to closing the gap of the cybersecurity workforce. Chip recommends spreading a combination of technology and spreading out of the now geographically centralized workforce. The government should support and enable the smartest of the smart to do their best and work towards ongoing cyber protection for all government agencies.
Improving acquisition speed in the government, including Cloud SIN
Block and Rudolph then turned the conversation to how, or if, the government can make changes to speed up the pace of government adopting new technology. Block commented that agencies must apply the technology based on the individual business model so that it is incorporated and provided as a managed service. Having a managed service contract would accelerate the contacting process because it would be a banner service incorporating elements that are now separate contracted items.
Ideas for which agency could oversee IT solutions for all government agencies, GSA, DoD, or DHS to speed up the contract acquisition process. Block acknowledged that GSA has made a major change with the Cloud SIN (GSA IT SCHEDULE 70 CLOUD SIN 132-40) with a new business model that everyone across the government has access to.
Adding cyber risk quantification to the cybersecurity plan for all government agencies
The two briefly discussed of a creation of a cybersecurity agency to provide IT to all government agencies. While that may be an option, Block recommends incorporating business goals into the cyber solution since there is not one blanket solution for every organization. Alluding to the concept of cyber risk quantification, Block indicated that each organization must determine the trade off of how much security versus how much risk you are willing to have.