While the Biden administration’s directives on national cybersecurity have given federal agencies an explicit roadmap to fortifying security, the chief cybersecurity advisor for a global technology provider argues that agencies must also keep operational resiliency in clear view.
“You can’t think solely about security. And you can’t just think solely about resilience. You have to have both,” says Paul Kurtz, a former White House National Security Council director who now serves as chief cybersecurity advisor for Splunk.
Agencies must comply with a long list of federal cybersecurity mandates, but they also must be prepared when systems are inevitably compromised, says Kurtz in a new FedScoop podcast series, “Leveraging the cloud to ensure mission resilience,” underwritten by Splunk.
Kurtz discusses why agency leaders must have contingency plans in place — and exercise them — so that when security protections fail one way or another, they are prepared to respond. The need to have clear-cut answers, he says, when confronted with questions such as, “How do we come back? What is our fallback? How do we approach those types of issues in cybersecurity?”
Kurtz points to lessons executives might borrow from the book, The Phoenix Project, which tells the story of a company that must move quickly to resolve critical IT issues. And he offers suggestions on ways to put resilience plans into practice.
Listen to the full podcast conversation and the entire series “Leveraging the cloud to ensure mission resilience” on FedScoop.
Paul Kurtz is chief cybersecurity advisor at Splunk. Kurtz previously served as a senior director for cybersecurity and special assistant to the president in the White House during the George W. Bush administration. He subsequently led the Cyber Security Industry Alliance and cofounded and led a security threat intelligence firm.
Learn more about how Splunk is helping federal agencies leverage the cloud to ensure mission resilience.