MITRE-ATARC Cybersecurity White PaperJanuary 25, 2018
Cyber topic areas:
- Impact of Presidential Executive Order 138000 on Cybersecurity
- Quantifying Security Metrics
- Challenges for the Ever-Changing and Expanding Threat Surface
- Addressing the Cybersecurity Skills Gap
- Security Challenges with IoT and Other Emerging Technologies
Key recommendations to Government:
- Industry and government must collaborate in developing comprehensive training for responsible government actors encompassing the nature of industry (especially vendor and critical infrastructure), the role played by ICT, the risks posed by cyber threats, and the capacity of each community to develop, deploy, and mature effective security measures.
- Achieving an environment to assure such effective, actionable industry and government collaborations now and in the face of future cyber challenges may well require legal and policy measures which do not presently exist.
- Security metrics should be presented to top agency leaders in terms of mission impact for them to make informed mission-based decisions.
- The need to grow and develop the Cybersecurity workforce is evident. Measures that relevant industry sectors have taken to-date have shown to deliver fruitful and positive outcomes.
- Assessing IoT risks will be aided by understanding elements of ecosystem and identifying threats and mitigations.