Leading Against the Enemy Within

Given the right training and technology, the Air Force is better equipped than the private sector to thwart hackers after they have breached a network’s outer defenses, said Richard Bejtlich, chief security officer for Mandiant, an information security company headquartered in Alexandria, Va. “The military is very used to thinking in terms of fighting in a contested domain,” said Bejtlich in his address Friday at AFA’s CyberFutures Conference in National Harbor, Md. He added, “The private sector has no concept of that, or if they do it’s a very small group of people” within a few top defense contractors. “People tend to think in terms of . . . a pristine network,” said Bejtlich. There’s still a lot that can be done even after a breach, though, to deny intruders their objective, make their job more difficult, and mitigate loss, he stressed. “This is one area the military can lead the way in terms of: ‘This is how you continue to operate and continue to run your business, despite having bad guys inside your enterprise,'” he said.