NORTHPORT, NY, April 25, 2011– Laurin Buchanan, a subject matter expert on information security with the Secure Decisions Division of Applied Visions Inc., was invited to participate in NITRD’s Cyber Security Assumption Buster Workshop on Defense-in-Depth (DiD) on March 22nd, 2011. The workshop was the first in a series of four cybersecurity workshops conducted by The Federal Special Cyber Operations Research and Engineering (SCORE) Interagency Working Group. The workshop brought together a diverse group including practitioners and researchers to participate in an exploratory discussion to determine if there is a consensus in the community on whether DiD is faulty, the reasons why, and possible alternatives.
Defense-in-depth is a strategy that involves layering security mechanisms in order to increase security of a system as a whole. Approximately fifty individuals were asked to participate in the workshop after submitting a paper in response to the assertion, “‘Defense-in-Depth’ is a smart investment because it provides an environment in which we can safely and securely conduct computing functions and achieve mission success.”
Ms. Buchanan actively participated in the workshop discussions and shared her opinions of DiD based on her experience managing both information security and IT operations. “Trying to implement DiD in an existing organization is rather like trying to bolt the barn door after the horses have escaped,” she said. “I believe DiD as it currently exists as a ‘practical strategy’ is broken. It represents the best of 20th Century intentions, but it is inadequate to address 21st Century realities.” Discussion at the workshop included how DiD strategy and implementations need to be modified in order to compensate for the discrepancies between theory and existing, operational environments.
Ms. Buchanan, a Certified Information Systems Security Professional (CISSP) with more than twenty years of experience in IT, currently works at Secure Decisions as Principal Investigator on a variety of R&D projects focusing on mission assurance and cyber security. She has previously founded and managed corporate information security programs, including at a Fortune 1000 international firm, and has also managed IT operations and website development. Ms. Buchanan has previously spoken at ISC(2)’s Security Leadership series, and authored and delivered information security training to New York Software Industry Alliance members. Ms. Buchanan served two terms as Vice President of the Board of Directors of the New York Metro Chapter of the Information Systems Security Association (ISSA).
Learn more about the NITRD’s Assumption Buster Workshops here: http://cybersecurity.nitrd.gov/
About Secure Decisions and Applied Visions
Secure Decisions is a leader in cyber security visualization, with an established track record of R&D contracts and product development. Secure Decisions’ products are used to enhance the situational awareness of senior officers, computer network defenders, and other security professionals in government and commercial organizations. VIAssist™ and MeerCAT® are among Secure Decisions’ extensive portfolio of cyber defense solutions.
Applied Visions, Inc. (AVI) provides software products, custom solutions, and advanced technology research for commercial and government customers. The company’s vision and expertise in visual software solutions for complex defense, national security, and business problems have served AVI’s customers in the Department of Defense, Department of Homeland Security, the intelligence community, and prominent technology and Fortune 500 firms.
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.