Info sharing improves security, slows effects of brain drain
- By William Jackson
- May 15, 2014
Information sharing is essential for improving cybersecurity, both in government and private sector enterprises, according to a panel of technology officials speaking Thursday at the FOSE IT conference in Washington. D.C.
“As a CIO, I am spending 80 percent of my time on security,” said Renee Macklin, chief information officer at the Small Business Administration. To ease some of that burden, she said she reached out to similar organizations, both in and out of government, to share lessons. “It was like a breath of fresh air.”
Macklin took part in a panel discussion of women IT leaders, which also included officials from the Office of Management and Budget, the National Security Agency, IBM, Amazon Web Services and Experian.
In addition to improving security, communication also is needed to retain the knowledge that is in danger of being lost with the growing number of veteran government IT workers reaching retirement age.
Macklin said she built informal collaborative networks at both the executive and tech levels of other organizations to share experiences and what worked. “Collaboration at the engineering level is really key,” she said.
“We have work to do to better share our experiences and improve our security,” said Debora Plunkett, director of information assurance at the NSA. “I have an extraordinary set of constraints” in sharing information, she said, because she works in a classified environment. But Plunkett called for a standardized way for sharing information about security, both in the technology and the language being used.
“We need a common lexicon and understanding of what the terms mean and some common standards.”
Another challenge for federal IT shops is the demographic bulge of workers reaching retirement age and leaving government. This comes on top of the difficulty of retaining younger workers who are leaving to take more lucrative private sector jobs.
“There is no easy fix” for the brain drain, Macklin said. It must be addressed with planning and training so that a supply of younger workers is in the pipeline. “You can use technology as well,” she said, by building knowledge databases that can be queried during incidents to draw on the expertise of former employees. “All of this takes money and planning.
Another tool that can be used to maintain institutional knowledge is social media, which already is taking the place of some traditional media channels in both the public and private sectors.
“The day of the big product launch is over; everything we launch now is done on social media,” said Teresa Carlson, worldwide public sector VP for Amazon Web Services. “The next evolution of social media will be for the enterprise,” to enable better internal communications.
The lesson in using social media has not been lost on government, said Lisa Schlosser, deputy associate administrator for OMB’s Office of E-Government and IT. “It’s not just an add-on, it’s something that is essential to think about in the launch of any service,” she said. “It’s part of our DNA now when we communicate.”
William Jackson is freelance writer and the author of the CyberEye blog.