Critical Infrastructure: Principles & Activities to Achieve a Strong Cybersecurity Posture

GovDefenders, the annual cybersecurity virtual event powered by DLT Solutions, is now available on-demand! Enjoy hours of free educational presentations from top cybersecurity vendors and over 100 resources from the comfort of your desk. Just visit www.govdefenders.com/event to register/login.

To give you a taste of what you’ll find, we’ve posted the event’s panel discussion below. Moderated by DLT Solutions’ Chief Technology Officer Van Ristau, the panel featured Ken Durbin, Continuous Monitoring Practice Manager, Symantec; Paul Christman, Vice President, Dell Software Public Sector; and Wallace Sann, Regional Vice President – Systems Engineering & Federal Chief Technology Officer, ForeScout.

The panel answered the following questions:

  1. Was your company involved in the development of the Critical Infrastructure Framework and, if so, can you offer any insights into how that government-industry process worked?
  2. What are some of the common challenges facing critical infrastructure operators in improving their cybersecurity posture that you are seeing and how are you addressing them?
  3. Can you give some examples of unusual or new challenges that have to be addressed outside the IT Department or CISO's purview that you normally interact with for Information Security protection?
  4. Does your company provide a tested consulting methodology or 'expert system' approach that can assist critical infrastructure customers in assessing their current state and developing a customized approach to achieving a target state/posture for cybersecurity?
  5. The Framework Core names five key functions or activities that are critical to managing cybersecurity risk: Identify - Protect - Detect - Respond - Recover. Can you choose one or two of these functions and describe how you would address each?  (i.e. discuss your strengths)
  6. How important is involvement of the organization outside the IT team in developing and implementing the Framework and what is your advice to CI entities in this regard.