David Wennergren, senior vice president of technology at the Professional Services Council, has suggested a change in industry and government attitudes towards the adoption of new technologies and focus on measurable outcomes for cybersecurity strategies.
In an FCW opinion piece published Friday, Wennergren wrote agencies can apply continuous monitoring to network defense as opposed to “a point-in-time focus on certification and accreditation.”
He lauded the Defense Information Systems Agency for issuing provisional clearances to 23 cloud service platforms, but noted that subjecting such offerings to additional oversight of the Defense Department suggests a “desire for personal control and a lack of trust.”
He also sought the implementation of new laws that seek to address information sharing and liability issues and called for the revision of current policies, including the Federal Information Security Management Act.
Wennergren, an inductee into Executive Mosaic’s Wash100 list for 2015, added that cyber threats “could be successfully addressed through the combination of strong identity management, attribute-based access control and security at the data level.”