Folk brings more than 18 years of experience supporting the national and homeland security communities, working in operations, intelligence, infrastructure protection, and cybersecurity programs for the DoD, IC, and DHS.
In this interview he discusses the challenges involved in working with several U.S. government agencies, approaching the insider threat, the resilience of the government cyber ecosystem, future threats, and more.
How has your background prepared you for your current role as Director of the HS SEDI FFRDC National Protection Division? What are the main challenges involved in working in this position?
I have had the privilege of being involved in a wide range of national and homeland security missions over the course of my career. At MITRE, a not-for-profit organization that operates federally funded research and development centers for several U.S. government agencies, I started out supporting the Department of Defense (DoD) on sensitive activities and special programs, then changed to an intelligence focus and, ultimately, to a homeland security focus.
Working across those three missions has provided me with a very strong foundation to address the challenges my team faces today. I’ve also supported the U.S. Navy, the Department of Energy, the FBI, the U.S. Intelligence Community and helped stand up DHS — it’s been very well-rounded and thorough exposure. I understand how these vastly different organizations and their missions intersect; they must work in concert with one another to help bring the right solutions to their individual national defense and security missions.
What's the most underrated digital threat to the critical infrastructure at the moment?
We have been intensely focused on securing the .gov and less so on helping commercial companies understand or appreciate the threat they face. A fundamental change to our cybersecurity game is to alter what we watch and what we share.
For the past 30 years, companies have primarily played a reactive game of, “reduce the attack surface.” In other words, we have become obsessed with understanding ourselves and our own networks, our own devices. We have felt that if we can fully understand all of our infrastructure and the associated vulnerabilities, then we can use software products to mitigate threats by blocking malicious sites and patching systems to correct exploitable vulnerabilities. As with most complex problems, this singularly focused approach is not bad, but it is not sufficient.