On March 3, 2005; DomPrep.com’s John F. Morton and Martin Masiuk visited with Amit Yoran, until last fall the head of the National Cyber Security Division in the DHS (Department of Homeland Security) Information Analysis and Infrastructure Protection Directorate, a position he held for a year. Prior to that, he was vice president for managed security services at Symantec Corp., the Internet security vendor. A West Point graduate, Amit founded RIPtech Inc., a managed-security-services firm, in 1998 and served as its president. Symantec acquired RIPtech in 2002.

DomPrep divided the 23-minute interview into five segments.

In Segment One, Mr. Yoran grades his report card on the public-private cyber security partnership:

  • Information sharing with the private sector and state and local governments;
  • Shortfalls in the sharing of ified information;
  • The corporate governance and public organizational challenges remaining;
  • Incentivizing cyber security improvements and technological advances by leveraging federal purchasing power.

Duration :6 Minutes 9 Seconds

Play Segment

In Segment Two, Yoran discusses cyber security and the Internet:

  • The federal government’s Einstein pilot program, an automated process for collecting, comparing, sharing, and analyzing computer security information across the government to help officials prevent future attacks.
  • Einstein’s potential for information sharing with state and local governments, and the private sector, through US-CERT
  • Who has responsibility to secure the Internet?
  • The IT interaction mechanisms between DHS and state and local governments, the Homeland Security Information Network (HSIN).

Duration :3 Minutes 25 Seconds

Play Segment

In Segment Three, Yoran gives his views on the IT vulnerability-assessment process:

  • Difficulties in creating a common system for scoring IT infrastructure vulnerabilities;
  • National Infrastructure Advisory Council (NIAC) recommendations on how to rate vulnerabilities.
  • DHS site-assist visits to help in private-sector vulnerability assessments;
  • The private sector lead in IT security, vulnerability, and risk-analysis solutions.

Duration :6 Minutes 22 Seconds

Play Segment

In Segment Four, Yoran discusses the convergence of risk management across physical and cyber vulnerabilities:

  • Delineating the roles of a chief information security officer (CISO) and chief security officer (CSO) in organizations and management;
  • CISOs in operational and policy roles:
  • The need for best-practices analyses.

Duration :5 Minutes 24 Seconds

Play Segment

In Segment Five, Yoran looks at future cyber security challenges:

  • The difficulty of assessing the level of exposure and risk in a cyber infrastructure;
  • The increasing security challenge posed by network “de-perimeterization”–e.g., with outsourcing, mobile and wireless platforms, and the proliferation of XML infrastructures

Duration :2 Minutes 50 Seconds

Play Segment

Amit Yoran serves as an independent director and advisor to several early stage security technology companies and large corporations. He was appointed by President Bush as the Administration’s cyber chief, responsible for coordinating the national activities in cyber security. Working with the Secretary of Homeland Security, Mr. Yoran coordinated among federal departments, law enforcement and intelligence efforts, as well as direct interaction with many leading IT and IT security companies. These efforts were particularly focused on protection of the 13 critical infrastructures of the United States.

Prior to joining the Bush Administration, Mr. Yoran was the Vice President of Worldwide Managed Security Services at the Symantec Corporation. Mr. Yoran was the founder of Riptech, a market leading IT Security Company, and served as its CEO until the company was acquired by Symantec. He previously served an officer in the US Air Force as the Director of Vulnerability Programs for the Department of Defense’s Computer Emergency Response Team. Mr. Yoran received a Master of Science degree from the George Washington University and Bachelor of Science from the United States Military Academy at West Point.

Amit Yoran amit@yoran.org

John F. Morton

John F. Morton is the Strategic Advisor for DomPrep. He is also the Homeland Security Team Lead for the Project on National Security Reform (PNSR). A member of the DomPrep team since its founding, he has served as managing editor for writer assignments and interviewer for scores of DomPrep audio interviews.

Translate »