Jenna Water’s time in the US Navy equipped her with sophisticated skills she now finds invaluable in her work as Cybersecurity Consultant at True Digital Security. She joins Tom Fox and Valerie Charles on this episode of ComTech to talk about how the cybersecurity industry is evolving, her vision to end security breaches, and what she thinks about President Biden’s executive order on cybersecurity.
Putting Corporate America on Notice
“I think businesses – particularly those that work in industries regarded as critical infrastructure, obviously because of the Colonial Pipeline hack – …a lot of them know now that they’re on notice,” Jenna tells Tom and Valerie. Recent cybersecurity attacks as well as the rise in ransomware, have driven home the need for good cybersecurity. These attacks not only impact businesses but are now tangibly affecting the lives of everyday citizens. Jenna believes this is sparking change in the industry, as the government, companies, and even the general public are taking cybersecurity more seriously.
End Security Breaches
Tom comments that his clients are now asking about their information security program, something they weren’t concerned about before. He asks Jenna how she would advise a company to start thinking about this issue. She outlines the steps her company takes to help their clients create a customized cybersecurity program. “…By prioritizing your risk, that’s how you can develop a more tailored cybersecurity program,” she points out. She and Tom discuss her vision of ending security breaches overall. She remarks, “For me, ending security breaches is a vision of the future in which a security breach can be detected, identified, and contained effectively… It’s not allowing a security incident to go to the point of a security breach… and it doesn’t affect or impact the organization or public in any significant way other than maybe the time it takes to contain it.”
Improving Cybersecurity with Data
“When you’re trying to combat this kind of breach, how do you use data?” Valerie asks Jenna. “Cybersecurity is actually one of the best areas in technology where it can be very data-driven,” Jenna responds. Data can help you build a threat profile and come up with an action plan to combat threats. Analyzing recent and past data can help you establish an operational baseline, and in turn recognize deviations from the norm. It can also help you identify gaps and vulnerabilities in your organization. There’s also the global perspective: gathering and analyzing data on threat groups helps you recognize their patterns before they attack. However, don’t focus only on data and ignore basic psychology. Hackers are still just human beings and are “subservient to human behaviors and motivation,” Jenna reminds listeners.
Cyber Risk Assessment is for Everyone
“I think everybody could benefit from a risk assessment in terms of cybersecurity,” Jenna tells Valerie; businesses in critical industries should prioritize it. Generally, she recommends an annual assessment. However, it should also be done when there is a significant change in operations or in the direction of the business. She argues that leadership buy-in is imperative: “Leadership buy-in for an organization is paramount to the success of the cybersecurity team.”
Thoughts on Biden’s Executive Order
“Do you have any urgent or immediate thoughts on President Biden’s executive order on cybersecurity?” Valerie asks. Jenna responds that she is excited and on board with the order. “As cybersecurity professionals, we like to take advantage of every emergency,” she quips. It’s a positive step signaling that cybersecurity is seen as important at the highest levels of government. On the other hand, however, the executive order may not last after Biden’s term of office as it can be revoked by the next President. Additionally, only certain federal bodies are bound by the order.
Resources
Jenna Waters on LinkedIn
True Digital Security