With this post I would like to bring your attention to  CTOlabs.com

The purpose of the CTOlabs site is to provide a venue for providing technology concepts and reviews which highlight some of the commercial capabilities of Crucial Point LLC (CTOlabs.com is a subsidiary of Crucial Point).

Crucial Point and our collaboration of world class technologists provides a wide range of consulting services, all related to an understanding of enteprise mission needs and a continual learning of technology capabilities.   Readers of the CTOvision.com blog learn many of the issues we track, but the blog is not the right place for expressing many of the more commerical aspects of the business.  The goal of CTOlabs is for a more commercial presentation of concepts (although I’m hoping for a similar readership, which is why I’m announcing it here on this blog).

The CTOlabs.com site has four major information sections:

• Capabilities: A bit more about CTOLabs, the topics we track and our capabilities.
• Concepts: Our clients ask for and get confidentiality.  But some concepts are worth spreading around. We list a few here to get the juices going.  Other clients have strong desires for open frameworks and concepts regarding IT as a platform, and those concepts need to be broadly communicated.  Concepts like these are provided here.
• Evaluations: We encounter technologies from throughout industry, including many just now becoming part of the Tech landscape.
• Technologies: The broad technology categories we track all warrant continued examination to help in concept development.
• Trends: Some trends are so significant they are going to impact us all no matter what.  We capture the relevant aspects of these trends and are on the lookout for how the intersect with the technologies and concepts we provide.

Please take a moment to review the CTOlabs.com site, and please let me know if you have comments/thoughts/suggestions.

You may also like -

Make Maximum Use of CTOLabs.comAnnouncing the CTOlabs.com Data Deduplication SurveyNominating Technologies For Review At CTOlabs.comAnnouncing the CTOlabs.com YouTube ChannelCTOlabs.com Survey Finds Data Deduplication Aids in Managing Data Growth in F ...DoDIIS Technology: A need for better ways to understand and assessCTOvision.comRedesign of CTOlabs.comCTOvision.comCTOlabs.com Assessment on “Hadoop for Intelligence Analysis”CTOvision.comFederal Government Deduplication Strategies Worth DuplicatingCTOvision.comLearn how to get ready for the FDCCI with Bob Gourley and Carahsoft (Webinar)CrucialPointLLC

While rummaging through old files on my hard drive I encountered a piece I wrote in June 2002 which captured in writing something I had been briefing for several years.  I had been briefing “Principles” which I had observed/learned while the J2 of DoD’s JTF-CND and then later J2 of JTF-CNO.   My theory was that just as Admiral Bill Studeman has helped intelligence professionals understand their craft better by articulating principles, I could help build understanding of the new field of cyber conflict by generating dialog on principles.

I can’t take credit for any of these principles.  I really just wrote them down.  Many are things I observed or heard from others in the JTF at that time, like Marc Sachs, John Owens, Jay Healey and Michele Iverson.  There are also many common themes I learned from Rick Forno, Dan Kuehl and Matt Devost and others.

Now about a decade after I started briefing these principles I just reviewed them and think they still meet key requirements you would expect true principles to hold.  They still ring true and they still have insights relevant to operational decision-making, and, although they are definitely general in nature, I believe they still have a role in helping orient people to the missions of computer network defense (CND), computer network exploitation (CNE) and computer network attack (CNA).

Please give these a glance, and if you know a cyber warrior somewhere who you think would appreciate them please route them on.

One of these days I’ll re-write this to update the acronyms and get rid of the reference to the ancient US Space Command. So please let me know if you think I’ve missed something that should be captured as a principle, or if you think I have put any of these in the wrong context.

Twelve Principles of Computer Network Operations
June 2002
Bob Gourley

A growing number of uniformed military and government civilians practice the new military discipline of Computer Network Operations (CNO). CNO in the Department of Defense (DoD) consists of two specific yet complementary mission areas: Computer Network Defense (CND) and Computer Network Attack (CNA).

The CND mission is to protect and defend DoD computer networks, systems and the data that resides in them any unauthorized event whether it be a probe, scan, virus incident, or intrusion.¹ The CNA mission is to coordinate, support and conduct, at the direction of the National Command Authority (NCA), computer network attack operations in support of regional and national objectives. CNA operations are designed to disrupt, deny, degrade or destroy adversary information resident in computers and computer networks.²

Operational lead for the DoD’s CNO efforts is USSPACECOM’s Joint Task Force for Computer Network Operations (JTF-CNO). But increasingly, traditional military forces are being called upon to conduct CNO operations by enhancing the defensive posture of networks under their control, by taking action against attacks, or by participating in attack planning or operations.

In most other warfare areas, Commanders can rely on established military doctrine to guide them in implementing and executing their missions. ³ The CNO mission is new, however, and little formal joint doctrine exists in this mission area.

This article provides firsthand observations on twelve key principles of CNO. I believe these observations can provide other CNO practitioners with a critical foundation required for successful CNO. These principles will also be of use to officers who whish to engage in the ongoing national security and policy discussions concerning CNO. After further examination and feedback from the field and the fleet, we expect them to become cornerstones of a new joint doctrine for CNO. Until then, I offer, Twelve Principles of CNO. They are:

#1 The Chain

#2 The Perimeter

#3 Interconnection

#4 The Laundry

#5 Prior Planning Prevents Poor Performance

#6 Know the Enemy

#7 Experience Counts

#8 Users Need Help

#9 Relativity

#10 One Basket?

#11 Unintended Consequences

#12 The Beauty of Attack

A bit more on all of the above is provided below:

#1 The Principle of the Chain. CNO is a chain; it’s only as strong as the weakest link. Like most of the rest of the principles outlined here, this sounds intuitive. But it is very important to stress this concept in the CNO world. Inattention to detail will ruin your CNO plans, whether for defense or offense. Two short illustrations:

- You fortify and protect an enclave by putting firewalls and IDS’s on gateways and hardening workstation software. But there are so many configuration choices for your IDS and firewall, and so many other settings you must make to ensure your enclave is secure. Did you overlook anything? Are your users trained? Do you have a response policy in place? Are you running the most up to date anti-virus software on your mail server? Should it be on individual workstations? These and many other questions must be considered by security professionals or any one could be the link that breaks the security chain.

- The chain for attack will also have weak links. This is easy for military professionals from any discipline to understand. All combat actions in any warfare area have potential weak links that can frustrate your attack or even lead to exploitation of your own forces. In the CNO realm the weak link may be the ability of an adversary to repair a patch in an application or the ability of an adversary to re-boot a router.

How do you protect against the weakest link? Attention to detail.

#2 The Principle of the Perimeter. Defenders must protect against every vulnerability. Attackers must only find one security flaw. A rough analogy is the requirement to continuously defend an Aircraft Carrier Battle Group in a high threat environment where attacks might come from below the sea or from the air or even from land. This principle calls for constant vigilance along every potential avenue of approach. CNO defenses must be robust and mobile.

#3 The Interconnection Principle. CNO is a multi-faceted discipline that includes military, civil, foreign, domestic, offense, defense, technology and human factor issues. It is an observable fact that we are all interconnected in this business. Decisions made in one area frequently have impacts in the other areas. That makes coordination between stakeholders and leaders in those areas an important goal that will result in better community-wide solutions. However, if taken to the extreme, this coordination can be a recipe for paralysis. Sometimes unilateral decisions must be made.

#4 The Principle of the Laundry. CNO is a continual process (like laundry, something always needs cleaning). Vulnerabilities in old software are discovered daily and new software is continually being produced and integrated into our architectures. All indications are that new software is just as buggy and has just as many vulnerabilities as old software, so we can expect the continued stream of vulnerability announcements to continue. Vulnerabilities that must be cleaned up and repaired as they are discovered. This is a never ending process.

#5 The Principle of Prior Planning. CNO must be pre-planned; you don’t just do it at the last minute and expect it to be done well. Too frequently the developers of systems and networks pay too little attention to security when they design their systems. We have found out the hard way that tacking it on the end just doesn’t work. This adage applies to users as well. If an organization does not think through the policies its users must adhere to, and does not train its users to be secure till it is too late, then the result will be poor security. The same thoughts hold true in the offensive sides to CNO. CNA requires extensive planning and coordination in advance.

#6 Know the Enemy. You must know your enemy better than your enemy knows you. This is easy to say but in practice very hard to accomplish, especially in the interconnected world of the Internet, where adversaries can take steps to hide their identify. But steps can be taken that let you make reasonable assumptions about your adversary before you know exactly who it is. These assumptions, combined with a continual study of threat actors will lead to a better ability to prevent, detect, react and defeat adversary activity.

You can and should also take steps to hide key information from your adversaries. All DoD unclassified networks should be under the umbrella of the NIPRNET, which affords some obscurity and protection from enumeration by an adversary. Enclaves should be configured to deny as much information as possible to potential adversaries. There is no reason why we should make the attacker’s job easier.

#7 The Principle of Professional Experience. Inexperienced CNO professionals are not CNO professionals. It is so easy in this business to find pseudo experts who can give a great brief or can market a CNO concept but have no first hand knowledge of how networks work or how to defend them. How do you tell a pseudo expert from a real expert? Be skeptical of anyone in this field till they have proven themselves to you. Ask for credentials, certifications, degrees or what their on the job experience is. Don’t be afraid to quiz them. No matter how polished they look, you want experience in this business.

- An important corollary for Commanders is that like in every other warfighting area, your people are paramount. Commanders must take responsibility to ensure that their CNO operators are trained and ready for the tasks that will face them.

#8 The Principle of User Faith. Users have no good way of comparing the security or vulnerability of systems. How can an individual user really tell that a system is secure? Is PKI secure? Is DMS secure? Who and what should a user trust? The current answer in DoD is that users must trust the systems managers in their organization, and those leaders must in turn trust accrediting authorities and program managers. We hope the corollary to this adage becomes “Trust, but verify.”

#9 The Principle of CNO Relativity. CNO is relative; no system will ever be 100% secure. This truism was realized long ago by the greats of the information security business, and has been witnessed again and again in DoD’s efforts.

- This truism is especially important in DoD, where we face some very sophisticated adversaries. Since no system can ever be 100% secure, if you want to be 100% certain that your information is protected, do not store it in any computer system anywhere. Of course this is unrealistic. But the point is that owners of information should weigh the risks vs. rewards of storing information in a computer system, and should take appropriate steps to protect computers and networks storing sensitive information.

#10 The Principle of the Single Basket. Never rely on technology (or anything else) as your only line of defense. This principle should seem intuitive to any operational military professional. No defender in combat would try to mount a defense with only one type of weapon, tool or technique. This is just as important in the CNO world, where true hackers will never give up, and where more sophisticated adversaries will try attacking through paths we may not have even considered yet.

#11 The Principle of Unintended Consequences. This applies to all aspects of the art of CNO, both offense and defense. Keep in mind that no matter how much you think these things through, there will age some risks of unintended consequences.

#12 The Principle of the Beauty of Attack. Sometimes you must take the fight to the enemy. To the military this frequently means the ability to use force on a battlefield to compel an enemy to do our will. But this principle is meant to bring to mind far more than that. In some cases, the US Government will have an ability to carry the fight to an adversary by attacking their computers. Individuals and individual units cannot do this, of course. This is a response reserved for decision-makers at the highest levels of government. But there are means for individuals and individual units to take action against attackers. Action can be taken by collecting detailed logs of the attacks and contacting law enforcement officials at the earliest possible moment.

The principles presented here are meant to explain the workings of a well-functioning computer network operations effort. They will be of use to any military professional struggling with the best ways to implement successful CNO in their organizations.

Are there other principles of CNO? Almost certainly. The disciplines of Computer Network Defense and Computer Network Attack are still new ones, and as they spread throughout the combat forces of DoD more principles, best practices and even doctrine will arise to help guide us as we prepare for combat. Consider the list above a start. It contains basic generalizations that I hold as true, that I propose to you as a starting point as you reason through your role in this mission.

Like Yogi Berra said: “It’s tough to make predictions, especially about the future.”   This is especially true about technology.  Things are changing so fast in the tech world it is hard to keep up with the state of today’s IT, which means it is even harder to predict where it is going tomorrow.  I like to start my predictions of the future of IT with caveats like those so you realize it is ok to question my every assumption as we try to figure out what is coming next.

Which gets to the point of this post:  Enterprise CTOs need to plan for the smart use of resources and need to inform others on coming capability.  And doing that requires some insights into the future of IT.  So, although there is no really good model for doing that, we have to try.

My favorite model is to start with an assessment of today’s technology, look at the mega-trends sweeping through the IT industry, survey promising work being done in R&D, and then make assessments on what is coming next.  Since this is a model full of flaws I like to continually update and check the work and I really appreciate getting feedback from other technologists on what they think.  For readers of this blog and followers on Twitter, many of you have already contributed to this brief and that is much appreciated.  I have also pestered some of the greatest CTOs in industry to give me their thoughts and find that sharing the briefing with others is a great way to keep a good tech dialog going.

I had a great opportunity to get feedback on the most recent version of my brief at the 2009 DoDIIS conference.  I was allowed to present my briefing to a standing room only crowd of technologists, many of whom I have looked up to for years.  Immediately afterward I got lots of verbal input and that was very valuable.  I was also swamped with e-mail contact and that is also very much appreciated and as I get more feedback from these readers I’ll keep updating the briefing.

For now, would you mind taking a look and providing feedback?  It is pasted below.

If you have trouble seeing the embedded clip below visit this URL: http://docs.google.com/Present?docid=ddjnt9hd_165hbcmwqd6

Thanks!

Bob

This post is a follow-on to my previous report on the 21 April 2009 Xeon 5500 kickoff event hosted by Intel corporation (see: Intel’s New Chip ).   My previous post talked about the new “Intelligent Processors” being fielded by Intel.  With this post I want to provide a bit more information on a key presenter there, Justin Rattner.

You can find background on Justin from two credible sources, his official bio at Intel and a Wikipedia entry on him.

It turns out  Justin works for a pretty cool company.  While talking with Justin and Nigel Ballard (Intel’s Federal Marketing Manager) I mentioned that I run a blog focused on technologists and they invited me to attend a small session with members of the press (this is another great reason to run a blog, you can elbow your way into all sorts of places!).

Some of what I learned from this session with Justin follow:

The new Nehalem chip may very likely change the security game.  We got hints of that at the presentation earlier in the day when he talked about the enhanced ability to support encryption on the chip.  When we were able to ask follow-on questions he underscored something that many of us in the profession have come to realize—encryption is just one of many capabilities that must be brought to bear against the threat.  The best approach is a defense in depth approach.

As part of a defense in depth approach, the new management capabilities of Nehalem provides an ability to watch what is going on in the processor.  Little chips on the processor watch the big chips on the processor.  That enables review of the code that is executing.

When fully taken advantage of, this capability will significantly mitigate the ability of bad guys or malicious code to install and run root kits, for example.  No anti-virus capability can detect a well masked rootkit.  None of the OS guys can do this.  It must be done on the chipset.  The management module on the new Nehalem chip can provide that ability.  It can scan memory and watch processes and compare against known valid code and take action.  In Justin’s words:  “It has become painfully obvious that none of the current defenses are adequate.”  A stand alone management system that can command other processor components is a fundamental solution that will change the game.

I asked Justin one of my favorite questions about Moore’s law.  We all know no mere mortal should ever try to predict its death, but it is time to predict its loss of relevance, I believe.   Afterall, the performance statistics provided by Justin in his opening session showed dramatic, exponential performance enhancements that are far greater than the Moore’s law driven increase in number of transistors on a chip over time.  So I asked Justin to comment.  I asked, if Intel is blowing past the performance predictions of Moore’s law, isn’t Moore’s law less relevant?  Shouldn’t some sort of “Core’s Law” be cited instead, where the number of cores double every two years?  Isn’t that a better predictor of performance?

Justin’s comment: Intel has now realized that Moore’s law is no longer about performance.  Moore’s law is remarkable in terms of predicting the number of transistors, but the number of transistors it takes to increase performance count has grown geometrically.  In general, a 2x increase in performance might require a 4x increase in transistors.  Smarter design is required.  Smarter design, like multi-core and multi-thread gives dramatic increase in performance and many other benefits as well, including an ability to manage thermal and power budget on the chip, or adding virtualization support on the chip.  Doing things like this requires transistors, but it also enhances overall performance.

I asked Justin about the internal tensions between people who are both consumers of tech and high tech workers. As consumers they are receiving more and more capabilities, from handhelds to desktops to cloud services.  Then they go to work and as enterprise workers they are served with sub standard IT.  He knows this tension well and knows it is occurring everywhere, but sees big gains being made in servers available to enterprises and believes now is the moment to upgrade to provide increase enterprise capability to workers.  He believes in establishing private clouds, but also realistically knows public clouds will be with us forever.

I asked Justin about the handheld market.  There are over 3.3 billion active cell phone subscriber accounts, for example, and only 1.2 billion PCs.   Justin was clear in this:  Intel recognizes this market and is coming.  Expect their continued pursuit of a wide range of consumer products, building on success of their Atom chip and netbooks.   Look for Intel moving faster into embedded computing.  Opportunities are expected to “explode” in digital signage, automobiles, healthcare, and personal ecommerce.

I asked about Twitter.  It is in use by many folks at Intel, and there are internal collaborative tools and social media inside the corporation.  It seemed clear that they are not designing chips by 140 character Twitter micro-blog bursts, but they are enhancing internal coordination and cooperation.  And that is good for all of us IT users.

Overall I found Justin to be a world class tech leader and I felt honored to be in the same room with a person who is changing the world in such a huge way.  Thanks Justin for the time.

Today’s news on Vivek Kundra’s role in the federal space made me think of another CTO, Yuvi Kochar. Yuvi, the CTO of the Washington Post, is a great connector of CTOs who leads the informal collective of the Washington Area CTO Roundtable.  Although I had heard Vivek speak a time or two, the first really deep interactions I had with Vivek were through Yuvi’s work in service to the tech community and I much appreciate that.

For a quick update on Vivek from a CTO perspective see:

Vivek Kundra: The Alpha CTO - My interview of Vivek

Federal Government Technology Directions and the Fed CTO – A pointer to tech work of the transition team.

Vivek Kundra: Democratizing Data and Putting it in the Public Domain – Some comments on Apps for Democracy.

The Technology Implications of the Obama Win - Megatrends, including some driven by Vivek.

So, congrats Vivek.  Your country wishes you well and we all appreciate your service.  We look forward to a more widespread use of your models and methods and look forward to more delivery of services to our citizens.

You may also like -

Vivek Kundra's Retirement Reception and the Role of the Federal CIODebrief from The White House Forum on IT Management ReformCTOs: Provide your inputs on how the government will implement cloud computin ...Federal Cloud Computing StrategyHP Software Government Summit 21 June 2011 at NewseumFederal IT’s Revolving-Door ProblemCrucialPointLLCHomeland Security To Move Websites To CloudCrucialPointLLCNew Enterprise CIO Forum Blog Talk RadioCrucialPointLLCNov 4 NIST Cloud Computing Forum, Day 1: "Cloud Computing is not a fad"Dr Cloud's Flying Software CircusFedCyber.com Cybersecurity Summit on Wednesday, September 28CTOvision.com

There are several megatrends sweeping the technology industry today.  Some of them are about to be accelerated.

I like to use five key topic areas to track megatrends in IT:

Over the past two months two major events have occurred which are impacting these trends.

The first was the collapse of Lehman Brothers and the resulting cascading effects on the financial industry.  The impact on IT spending and the movement of more enterprises to grid/cloud computing because of that are still being assessed, but for some thoughts see: Wall Street Crisis

The second was the Presidential election of Barack Obama.  President-Elect Obama has long articulated a technology strategy on his website.  It is most definitely worth a read by all enterprise technologists since it will form the basis of many of his policies and actions.  For some context, here is a paragraph that struck a cord with many enterprise technologists:

But perhaps more important than his stated technology platform is the energy behind the election and the new spirit that will be coming with him into government.   Part of that energy was discussed by Tim O’Reilly in a 29 Oct 2008 Endorsement.  A key slice of that endorsement read:

Based on the above and my views of enterprise technology today, the following is my analysis of the impact of the election on the key IT megatrends:

Convergence and trend towards unified communications and user empowerment

Consumerization and user empowerment has been the most important trend in IT for several years and is driving many other trends in the industry, including Cloud Computing.  This trend is almost a force unto itself and I don’t believe the Obama election or the excitement it generated will do anything to change this trend.   In fact, we could argue that this trend itself picked the next president.  The Obama team made the best use of the consumer technologies touching people everywhere, including social media, cell phones and of course the Internet.  So his team had people who understood the megatrend and took action to accelerate it into their campaign.   What if the critically beneficial trend of consumerization of IT had not been in place?  If consumerization had not been driving IT would this election have resulted this way?  Hard to tell, but to the point of my analysis, this trend is a force of nature of its own and I do not believe the exciting results of the election will change it other than to help move more social media into old government organizations.

But, we can assume that the senior team of the President Elect, the ones who will be leading the transition of the government, know the power of social media and consumer IT very well and will accelerate the use of Web2.0/Gov2.0/Social Media in government.

Globalization and increasing internationalization of IT and demographic shifts

There is a global competition for talent and for several years it has seemed like the US was on the loosing side of this trend.  There is a significant chance that this trend will continue, with Asia especially generating demand for technology talent.  But the energy of the US and the huge respect the country is gaining because of this election may be a mitigating factor in the competition for talent.

Increasing open development of software and hardware

This too is a trend all its own.  Open source software is clearly a force which is unstoppable already.  Here too, the Obama campaign appears to have leveraged open source sofware by extensive use of free and open software like MySQL.  (Sun Microsystem’s MySQL is the open source technology platform that powered BarakObama.com).

Power, Cooling and Space (PCS) impacting data centers and every place computing is done

Although this is another trend that is bigger than any one campaign, we have to assume that the energy savings, power savings and space savings of modernizing IT will be benefits that are highly regarded by the new administration and at least for the federal IT enterprise these trends will continue.

Increasing pace of technology development and probability of disruption.

I firmly believe that the speed of technology development will continue to accelerate.   At this time I don’t see the election as having a big impact on this trend on the short term.   It is clear that the new administration will be working hard to capture the energy and excitement of the populace to move the country forward on several issues, and in doing so that will hopefully improve the environment for startups and other technology generators.  But the bottom line here is that positive change and disruption of enterprise IT is going to be a fact of life and would be no matter who was elected.

The Significance of the Above

Now what is the meaning of these changes?  Here is a short list of assessments:

- Look for even more use of grid/cloud computing.  This will include more cloud computing in government.  Vivek Kundra is the model here.   His pioneering efforts in leveraging cloud computing have generated real benefits many of us knew were possible but few of had the courage to implement.

- Look for an enhancement to the current CNCI (Comprehensive National Cyber Initiative).   IT will be secured in government.  With a strong federal CTO we can expect some changes to the current approach to the CNCI. Most, if not all, unauthorized intrusions into federal systems could be prevented with a strong CTO in place.

- Expect to see much much more use of open source software and hardware in the federal enterprise, which will continue to drive more adoption by open source software in commercial sectors.   Expect to see a more widespread adoption of Open Office, Linux, Solaris, ZFS,  and MySQL.   This will be done for agility, flexibility, security and expense.

- Expect to see large pushes for automation of backend IT processes.

- Although federal IT budgets will be under significant downward pressure, good ideas regarding virtualization, automation and other high payoff disruptive technologies will be welcome and there will still be IT modernization efforts underway throughout the government.

Do you agree, disagree, or have other thoughts?  Please let me know.

[amtap book:isbn=1934840807]

You may also like -

What is the Cyber Conflict Studies Association?Debrief from The White House Forum on IT Management ReformMake Maximum Use of CTOLabs.com

This is an update of my now annual assessment of the future of technology associated with good and evil in cyberspace which was first posted here.

But a sad fact of the human condition is that bad people will likely be with us long into the future.  And sometimes good people can be tempted to do bad things, so we really need to engineer solutions that
keep the bad guys from benefiting from technology and keep those who can sometimes be tempted from giving in to their darker side.

So is is possible to engineer perfectly secure systems?  Consider the law of the rodeo:  “There’s not a horse that’s never been rode, and not a rider that’s never been throwed.”  I like the analogy since it reminds us that all computer evil can be mitigated.  But it always fights back.  Good and evil will continue a fast paced rodeo dance long into the future.

To engineer secure systems for the future we need to continually assess where we are and what the near term future holds for our technologies.  Here is a couple short predictions that could be useful
in this discussion.

- Remote power is here today and will soon be widely distributed.  This will allow small power consumption devices (like keyboards, mice, bluetooth headsets, hearing aides, small sensors) to be provided power by RF energy.

You may also like -

CTO Perspectives on Cyber Security BillInterested in Cyber Security? Read (and support) the new Cybersecurity Legisl ...The U.S. International Strategy for CyberspaceFederal R&D PrioritiesPros and Cons: Cyber CommandKilling Trees for CyberspaceHaft of the SpearWhite House roadmap lays out federal cybersecurity R&D prioritiesCrucialPointLLCThe End of Cyber Security (Part IV)Haft of the SpearDodaro: Key challenges remain for DHS in cybersecurity missionCrucialPointLLCCyberterrorism a threat that won’t go awayCrucialPointLLC

I’ve previously blogged about Triumfant, a company that has mastered the automated detection and resolution of IT problems.   I also think of them as the world’s greatest compliance monitoring capability.  What do I mean by compliance?  I mean compliance in the context of the many rules, regulations and configurations that external organizations and the government require, and also compliance with your own policies and guidance.

For those who are not familiar with the full scope of compliance issues, a great source is the site of the IT Compliance Institute.   Their goal is to be a global authority on the role of technology in business governance and regulatory compliance.   That means they are driven to seek out regulations, understand the requirements for compliance, and then help determine the best way to automate that compliance.

The site holds several white papers and checklists on topics like IT Audit, Risk Management, keeping up SOX compliance, Change Management, Logging, Reporting, and Security.  These papers seem to be good primers for any CTO or other enterprise technologist who needs to understand this domain.

Here are some other thoughts on compliance:

- During my time as a CTO of a DoD Agency, I noticed a shift in how federal organizations perceived compliance.  Federal organizations are all about compliance, and have long followed mandates like the Clinger-Cohen Act, FISMA, the many Enterprise Architecture requirements (like DoDAF or FEA), and a wide variety of other requirements.   But most federal organizations did not treat compliance as a way to optimize delivery of IT capabilities to users.   And most federal organizations did not have to comply with many of the regulations being levied on industry (like SOX, for example).   That is all changing.

- More recently IT professionals began to see compliance and the need for automated control of systems as a way of not just complying with regulation and reporting requirements, but a way of ensuring uptime, helping speed delivery of new software deployments, helping reduce IT admin costs, and helping with overall abiity to support the mission.  Add to this new awareness of the importance of compliance the recent shifting of federal policy  towards having agencies produce financial audits and IT auditing requirements to the same standards as the commerical sector.

There are more shifts in compliance underway in the federal space, including a new Federal Desktop Core Configuration (FDCC).  I see all this compliance as a good thing that should be executed in a way that enhances uptime, enhances security, and enhances the delivery of capability to end users.

For more on compliance see my previous post    http://ctovision.com/2008/07/automated-resolution-of-it-problems/

For more on triumfant see:  http://triumfant.com

You may also like -

Using Triumfant for Secure Configuration and Change ManagementCatbird's vSecurity 5.0Invincea and Triumfant: two firms filling important roles in enterprise ITFixmo And Mobile Risk Management For Enterprise and Government AgenciesIntelligence Community Executive Forum on Cyber OperationsCatbird’s vSecurity 5.0CrucialPointLLCFixmo Partners With CorreLog to Create Holistic Mobile Infrastructure Complia ...CrucialPointLLCSome Context on Malware in the EnterpriseCTOvision.comSecurity Innovation Network Announces the 2011 SINET Showcase InnovatorsCTOvision.comObama issues order aimed at preventing federal data leaksCrucialPointLLC

I have picked a primary online meeting tool for my consultancy (Crucial Point LLC).  Although I will use any tool a client or associate needs me to use, the tool I prefer is Adobe Acrobat Connect.

Why did I select Adobe Acrobat Connect?  A key reason is that no downloads are required for this to work (assuming, of course, that you have flash player installed on your system, which 98% of the computers on earth already do).

Although that was an important/primary consideration, there are also all the features I needed.  For a low monthly cost I get unlimited online meetings, easy screen sharing, application sharing, whiteboard, chat, video and audio conferencing.   I also get an easy to remember URL for instant meeting rooms.

I also looked at Adobe Connect Professional, but don’t think I need all the features, so I’m sticking with Acrobat Connect for now.

If you would like more info, send me a note and I’ll invite you to an online session with me at:

http://connectnow.acrobat.com/CrucialPointLLC

Or just try clicking that link.  I have always believed in an open door policy and who knows, I might have my meeting room up and on for public discussions.

As a final thought, let me leave you with a philosophical thought regarding collaboration and computing.  Tools like Adobe Acrobat Connect are GREAT for collaboration, but I think they are most powerful when considered as one of many tools vice the tool for collaboration.   The real collaboration tool is the entire computing enterprise.  Power users should use tools like Connect, but also phonecalls, e-mails, Twitter, Facebook, Plaxo, blogs, Wikis, etc etc.   Use the right tool for the right task.  For online meetings, it is Connect.

See you online.

Cheers,
Bob

The Cyber Conflict Studies Association (CCSA) is a non-profit group organized to promote and lead a diversified research and intellectual development agenda to advance knowledge in the cyber conflict field. The CCSA is committed to developing academic programs and communities that can help the nation in this emerging area of thought. The CCSA is providing enhanced discourse on the strategic implications of cyber conflict and provides a venue for academic dialog on the study of economic, policy and other strategic issues and provides key intellectual capital the nation can tap for the ongoing cyber initiative.

The next CCSA workshop is 26 Feb 2008 at the Georgetown University School of Foreign Service/Center for Peace and Security Studies in Washington DC. This symposium is focused on the implication for an Estonia-Like cyber conflict, including implications for both the government and private sector.

Quoting from the CCSA website:

“For more than three weeks in April and May 2007, Estonia’s public and private sector were targeted by a series of computer network attacks, resulting in the Estonian government declaring it was engaged
in a cyber conflict. Estonian government, banking, and media websites were crippled by sustained waves of distributed denial of service attacks, some of which reportedly originated on Russian state servers. This conflict has specific and important implications for the private sector, including hardware and software vendors whose products were targeted by the attacks and in some cases blamed for conditions that allowed the growth of botnets used in the attack.

This symposium will focus on the private sector-related issues raised by the Estonia case, exploring its strategic, legal, financial, and technical implications.”

If you have intellectual capital you can contribute to advancing the nation’s knowledge in this domain please visit the CCSA website for more information and please consider attending this symposium.

For more on the activities of the CCSA see http://cyberconflict.org

You may also like -

What is the Cyber Conflict Studies Association?Cyber Conflict Studies Association History ContestSome Thoughts on the Iranian Cyber Army and what they mean to CyberStuxnet: An important change in the national security landscapeIf You Could Pick One Thing For Congress To Do Regarding CyberSecurity, What ...Furthering the Field: A Comprehensive Program for Cyber Conflict StudiesDevost.NetDARPA’s Cyber Fast Track Adds Agility to Research FundingCrucialPointLLCPresident Mentions Cyber-Threats in State of the Union AddressCrucialPointLLCInteragency group looks to common cyber security language, skillsCrucialPointLLCPNNL Seeks Chief Cyber Security Research ScientistCTOvision.com