Cyber security plays an essential role in law enforcement and Homeland Security. Todd Rosenblum is at the forefront of federal security and intelligence, and shares his thoughts on information assurance in law enforcement.
For more than 25 years, Todd Rosenblum has been on the frontlines of cyber security within the U.S. government. From the Central Intelligence Agency (CIA) to the Senate Intelligence Committee, State Department, Pentagon and Department of Homeland Security, he has been an integral part of the nation’s information security sector.
Now, working as a senior executive for national security programs and strategy at IBM, Rosenblum offers his insights on cyber security in law enforcement.
How has the role of cyber security professional evolved over the years in law enforcement and Homeland Security?
I think it’s evolved consistent with how the field of cyber security professionals has evolved to supporting all aspects of global cyber security.
It’s moved from kind of a niche area – something that’s been in the downstairs IT shop – to something that has permeated every element of operations, supply chain, management and information integrity. It’s really grown exponentially from a niche specialty to something that’s an element of all information technology integrity.
What skills will be most in demand for future cyber security professionals?
There’s a bit of a push and a pull on that. I think on the pull standpoint, you’re seeing technology, in some ways, becoming easier for users.
The interface the industry is developing is a lot more customer-friendly than it used to be, in that it is something that involves everyone; it’s not an IT thing anymore.
The industry is ensuring that its services are much more user-friendly. In some ways, it’s an easier field and easier reliance point for everyone to practice better IT security standards.
It’s become harder though because, as you move into this easier interface, the back-office elements of this are much more complex, such as the algorithms and the integration efforts.
As a result, you need this combination of super-high-end skilled people to actually do the plumbing and machinery work as intended, and then you need people who have a better customer interface to ease the fears of your everyday user of information technology and make them more comfortable completing the steps they have to take.
What is the biggest challenge the law enforcement community faces as it pertains to cyber security?
I think the biggest challenge we’re seeing is the signal-to-noise ratio. We’re talking about the Internet of Things (IoT), the globalization of data and reaching deeper into unstructured information with the deep web, dark web and others. I think we need people to be quite discerning in what information matters to them because, throughout time, everybody feels inundated by information. In this digitally automated world we’re living in, there’s just too much irrelevant data out there.
What I mean by people being more discerning … with law enforcement intelligence, it’s not about chasing more data but ensuring they’re focusing on the right data. They need to see the relationships between the data, and see how that data correlates well to enhance human judgment.
How much of a role do private companies play in helping law enforcement with cyber security?
There’s not enough talent to go around, and government will rely on industry to, in many ways, be a co-equal partner. The private sector needs to view itself as a co-equal branch of government in terms of the whole cyber security field. I think this will continue to become a larger co-dependency as opposed to something where you’re looking at the government traditionally outsourcing to contractors.
I see huge growth potential not only in that relationship between the private sector and government, but also within the private sector itself. There is a rapidly rising growth in industry looking to protect its own information technology systems and its own operational integrity.
You’re seeing the rise of commercial intelligence and commercial law enforcement becoming an element of industry that did not exist in the past. I’m pretty bullish on this being a growing field well into the future.
How much is cyber security in law enforcement and Homeland Security preventative versus investigative?
The emphasis is going to need to be first and foremost on shutting down the low-hanging fruit vulnerabilities. Where should the priority be? It’s almost a public service campaign.
You see it when they’re talking about wearing a seatbelt while driving, or don’t drink and drive. Those sort of public service announcements for cyber hygiene don’t really exist at the user level and they need to exist. I think we would get a lot of bang for our buck on cyber security if we focused on that first and foremost.
Follow in Todd’s footsteps and discover how cyber security professionals can aid law enforcement efforts. Explore the Careers in Cyber Security section to find out more about this exciting field.