A New Approach to IT SecurityCyber Intelligence Requires Stakeholders to Share Information
Roberts edited the alliance's just-issued paper, Cyber Intelligence: Setting the Landscape for an Emerging Discipline (see Cyber Intelligence: What Exactly Is It?), which discusses how the current cyberthreat landscape requires a new way to share intelligence in unclassified cyberspace.
"It's important to understand that when we use the word intelligence that we're really talking about knowledge, not just information, and we're not necessarily talking about something that has to be classified," Robert says. "When we're talking about intelligence as an approach for the cyber arena, it's really about pulling together all the information that we know, processing it, analyzing it and providing unclassified, situational awareness and situations of warning to both government and industry."
In the interview, Roberts discusses the:
- Difficulties of industry to adapt the highly sophisticated approach the federal intelligence agencies employ to share cyber intelligence. "What we are not doing really is applying those intelligence techniques and tradecraft to the unclassified arena," she says. "Think about it this way: 90 percent of infrastructure in the cyber arena is owned by industry, and 90 percent of the information or data of cyber activity is in the unclassified arena. But we're not focusing on that realm in a comprehensive, consistent manner that we can provide unclassified cyber intelligence to all of industry."
- Multidisciplinary skills that cyber intelligence requires. "In the beginning nuclear age, you brought in people with the technical body of knowledge, then your brought people with a body of knowledge on that particular adversary, the culture, the leadership, and you brought it all together so you would have a 360 view," she says. "We haven't been doing that in the (private-sector) cyber realm. Many non-tech folks say, 'Eh, cyber, it's technical, I have nothing to do with this.'
"Actually, in cyber intelligence, you need analytics types of folks, you need people who understand the network environment, that operational background; you need people with technical background who understand the particulars of an attack vector or a fraud approach or sabotage approach that's being used. And, those folks together, need to be looking at the data, analyzing it and coming up with so what, the impact of what they're seeing today and what that means for the future."
Top Intelligence Officer
Roberts is executive director of the acquisition support program/interagency and cyber at Carnegie Mellon University's Software Engineering Instituting, leadings its customer support for the Department of Defense, the intelligence community and the federal government, with a special focus on network security and acquisition in today's cyber environment and architecture areas.
Before joining SEI, Roberts served as the deputy director of Naval Intelligence, where she led, together with the director of Naval Intelligence, more than 20,000 intelligence and information-warfare military and civilian professionals and managed more than $5 billion in resources, technologies and programs globally, working seamlessly with the entire defense-intelligence and Intelligence-Community senior leadership.
Earlier, Roberts served as the director of requirements and resources for the Office of the Undersecretary of Defense for Intelligence, leading the creation, establishment and implementation of the Military Intelligence Program, in partnership with the Director of National Intelligence, the services, the combat support agencies and the Office of the Secretary of Defense.
An intelligence professional since 1979, Roberts has held many senior intelligence positions. In addition, she has directed, conducted, and enabled intelligence operations globally, with much of this work being focused on the requirements, planning, and implementation of intelligence and communications technologies, software and architectures.