Governance & Risk Management , Insider Threat

Former NSA Deputy Director Chris Inglis on the Technology of Combating Cyber Threats

Part 2 in the 4 part series

Traditional security tools have focused on abstractions such as perimeters and endpoints, representations of things that don't really exist in today's interconnected ecosystem. They were not designed to protect the data we're actually trying to keep out of the hands of attackers. These tools have been marginally effective at defending against yesterday's attacks, those we already know are in the environment.

"If you're lucky, someone else experiences the attack first. If you're smart, you prepare for the first time it happens to you," says Inglis. "We cannot respond at the speed of yesterday. We need to understand what is happening today."

Inglis advocates for an industry-wide shift from security measures that focus on abstractions, to a renewed focus on data and behavior that is applied against that data.

"You need to have the analytics that actually understand data and behavior, and you need to do it in real time," argues Inglis. "A proactive defense focuses on anomalous behavior."

About the Author

John C. Inglis

John C. Inglis

former Deputy Director of the NSA

Inglis retired from the Department of Defense in January 2014 following over 41 years of federal service, including 28 years at NSA and seven and a half years as its senior civilian and Deputy Director. He began his career at NSA as a computer scientist within the National Computer Security Center followed by tours in information assurance, policy, time-sensitive operations, and signals intelligence organizations. Promoted to NSA's Senior Executive Service in 1997, Inglis held a variety of senior leadership assignments and twice served away from NSA Headquarters, first as a visiting professor of computer science at the U.S. Military Academy (1991-1992) and later as the U.S. Special Liaison to the United Kingdom (2003-2006).

Sachin Nayyar

Sachin Nayyar

CEO, Securonix

Nayyar has over 15 years of experience providing thought leadership around Information Security. He is a renowned thought leader in areas of Role Design, Role Management, Regulations, Risk Management, Compliance, Identity/Access and Governance. Prior to Securonix, Sachin was the Founder and CEO of Saviynt - a leading provider of Cloud Access Governance and Intelligence solutions and Vaau - makers of role management and identity compliance solutions, where he took the company from conception to acquisition by Sun Microsystems. While at Sun, he held the role of Chief Identity Strategist responsible for vision and direction of Sun's entire security portfolio.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.