The security strategy that federal agencies too often overlook


While the Biden administration’s national cybersecurity guidelines have given federal agencies an explicit roadmap to beef up security, a global tech provider’s chief cybersecurity adviser says agencies must also maintain resilience prominently operational.

“You can’t just think about security. And you can’t just think about resilience. You have to have both,” says Paul Kurtz, former director of the White House National Security Council, who is now chief cybersecurity adviser for Splunk.

Agencies must comply with a long list of federal cybersecurity mandates, but they also need to be prepared when systems are inevitably compromised, Kurtz says in a new FedScoop podcast series, “Leveraging the Cloud to Ensure Resilience the mission,” underwritten by Splunk.

Kurtz explains why agency leaders need to have contingency plans in place — and enforce them — so that when security protections somehow fail, they’re ready to respond. The need for clear answers, he says, when confronted with questions such as, “How do we get back? What is our fallback solution? How do we approach these kinds of cybersecurity issues? »

Kurtz points to lessons executives could learn from The Phoenix Project, which tells the story of a company that must act quickly to fix critical IT problems. And it offers suggestions on how to put resilience plans into practice.

Listen to the full podcast conversation and the entire “Leveraging the Cloud for Mission Resilience” series on FedScoop.

Paul Kurtz is Chief Cybersecurity Advisor at Splunk. Kurtz previously served as senior director of cybersecurity and special assistant to the president at the White House during the George W. Bush administration. He later led the Cyber ​​Security Industry Alliance and co-founded and ran a security threat intelligence firm.

Learn more about how Splunk helps federal agencies leverage the cloud to ensure mission resilience.


Comments are closed.