Cyber Maryland 2017: Leadership and Education Emerge as Key Themes

State of Maryland Committed to Protecting Critical Infrastructure, UMUC to Preparing Future Cyber Leaders

Gov. Larry Hogan kicked off Cyber Maryland 2017, which convened on Oct. 11 at the Baltimore Convention Center, by asserting that Maryland stands firmly dedicated to investing in the cybersecurity industry.

Hogan cited the Excel Maryland initiative, announced last May, as an example of Maryland’s effort to accelerate growth in sectors where the state already leads, including the life sciences and cybersecurity. “Excel Maryland will help pool the talents of our state agencies, our universities, and our private sector industry experts to help us create an environment in Maryland where more companies can start up here, and never stop growing here,” he said. “We’re educating the next generation of cyber warriors.”

U.S. Sen. Chris Van Hollen followed by calling on the public and private sectors to take action. “For the first time, in 2016, we saw an attack on our elections. The scale and scope made it clear that we all need to work together to meet the challenges ahead,” he said.

Van Hollen encouraged everyone to develop the cyber defenses they need, and he challenged private and public sector organizations to work together to detect attacks and find better ways to share information.

Addressing Cyber Leadership Challenges

University of Maryland University College sponsored the Education track at the conference, which brought together a panel of leaders from academia and the public and private sectors to discuss today’s cyber challenges and strategies for educating and preparing the industry’s future leaders.

Emma Garrison-Alexander, vice dean UMUC  Cybersecurity & Information Assurance program

The session titled “Cybersecurity Leadership: Preparing the Cyber Warriors of the Future,” moderated by Emma Garrison-Alexander, vice dean of UMUC’s  Cybersecurity & Information Assurance program, offered solutions for effective executive leadership across government agencies and businesses.

Growing the cybersecurity workforce is a huge issue, according to Sherri Ramsay, former director of the NSA/CSS Threat Operations Center. “With more than one million unfilled cyber jobs, we need a sufficient workforce to lead,” she said.

For Tina Williams, president of TCecure, a security, intelligence and critical infrastructure protection company based in Silver Spring, Maryland, effective leadership is also a commitment to issues. “Executives that have a cyber team need to understand all of the concerns, notably the difference between security and compliance,” she said. “Checking a box doesn’t necessarily leave a company in the best security position.”

Antonio Scurlock, chief, Cybersecurity Plans and Coordination at the Department of Homeland Security, emphasized trust—specifically, trusting, as a leader, that others on your team may know more than you. He recommended that leaders practice “followship.”

But, said Garrison-Alexander, today’s executives are busy with many competing priorities. Given the limited time and attention that CEO’s are able to afford to cybersecurity matters, she posed a final question to the panel. “How can we bring leaders into the fold?”

She wondered how cyber leaders gain the attention of CEOs and senior leadership, build their trust and get them to more fully invest in cybersecurity?

To gain the attention and trust of CEOs and senior leadership so that they more fully invest in cybersecurity, Williams suggested cyber leaders should “speak their language.”

“Talk about the impact of a breach in terms of the bottom line or market position. They [CEOs] are not thinking about bits and bytes and intrusion detection, but they are thinking about profitability,”  she said.

Sherri Ramsay stressed the importance of identifying and quantifying for each CEO the specific data and information—intellectual property and personal information, for example—that is imperative for the company under his or her charge to protect. “Put in place a practical scheme with a cost for how you’ll protect,” she said.

“Don’t be afraid to educate and involve multiple layers of leadership,” Scurlock advised. “Challenge leadership to lead.”

Finally, a common theme throughout the day was “investment,” in issues, innovation, and workforce. As Garrison-Alexander summed it up, “Leaders must invest in the people they bring in.”