Over the past several years, the ONUG Community narrative has been focused on practical digital transformation strategies in the Global 2000 that include their underpinning technologies plus IT organization, process, culture and skills. We are all struggling with how to stitch together the new software building blocks that make up the digital enterprise. Hybrid-multi-cloud, a secure internet, machine learning/artificial intelligence, automated and software-driven infrastructure are but some of the building blocks that have come into focus at ONUG. But it’s become crystal clear that on the path to IT transformation, cybersecurity is the biggest hurdle. It’s for that reason the ONUG Board decided that at ONUG Fall we, as a community, need to talk about cybersecurity.
Unfortunately, corporate cybersecurity teams are “on their own” to compete against nation-state foes, such as China, Russia, North Korea, Iran, etc. It’s an arms race where a single corporation is outspent even with the high double-digit spending that many are appropriating for defense. This is not an efficient way to defend a corporation, as even the largest of corporations can’t outspend China, Russia, et al. In addition, the IT vendor supply chain ecosystem is unchecked and is often at risk of carrying exploits through backdoors into your corporation. There is no checking of source code or other inspection of the IT supply chain, and this supply chain is global, thanks to labor arbitrage.
Also, every corporation has external dependencies in their delivery chain ecosystem of goods and services that create a domino effect when one is attacked. When one link is infected, chances are all others in the chain become infected too. Most often it’s the weakest link in the supply chain that gets attacked, spreading the exploit to its partners. The ways in which we are participating in the cybersecurity arms race and mitigating against ecosystem risk are unsustainable. A new relationship between industry and federal government is needed to protect our digital future.
At the Department of Homeland Security (DHS) Cybersecurity Summit in NYC on July 30th, the Honorable Kirstjen Nielsen, Secretary of Homeland Security, launched the National Risk Management Center to establish this new relationship between industry and the federal government to protect critical infrastructure and corporations from cyber threats. They seek industry participation at multiple levels.
At ONUG Fall, we’ll start an industry conversation on cybersecurity focused upon new approaches and methods to protect corporate digital assets and provide input to DHS’s Center on National Risk Management on what they can do to level the playing field between corporations and nation-states and so much more. At ONUG Fall, we’ll host discussions on these topics and more:
Identity & Access Control to Secure the Digital Enterprise: ONUG Global 2000 firms are moving to a distributed cloud edge offload model. Traditional security solutions don’t work in this scenario; will a zero-trust model be the way forward?
The Rise of DevSecOps: What are the new security control planes in a highly automated, orchestrated, cloud-based world? How do runbook orchestration and response automation change IT SecOps? Are containers and serverless hosting models more or less secure?
CISO Roundtable: IT Security Organizational Model & Culture Needs to Change: Security organizations have grown as siloed groups within corporate organizational structures. Security is being transformed to address the digital era’s risk profiles. How will next generation security architectures, such as zero trust, blockchain, etc., impact organization, skills and culture?
Can the Internet Be Secured?: The internet is some 30 years old, having been designed to share data in an open and free way. The current-day internet is now under mass surveillance and censored by different governments to capitalize on political benefits. From an architecture point of view, the internet is centralized, thanks to root DNS servers, and is secured by DNSSEC. Web trust is broken and prone to catastrophe, zombie apocalypse, alien invasion and government shutdown. Can Blockchain secure the internet via DNSchain, blockchain in routing (BGP), data storage, SDN, in IoT via a single tamper-proof distributed hash table? That is, will a blockstack secure the internet, data privacy, identity, storage and payments? What is the plan to secure the internet and the global digital economy?
The ONUG Community knows that cybersecurity organization, approaches, technologies and operations have to transform for a digital enterprise to thrive in the digital economy. Security groups are being reorganized, retooled and retrained, and at ONUG Fall, we’ll explore the new structure for corporate cybersecurity groups for the digital era. The ONUG Board invites all security professionals to join in the discussion to transform cybersecurity for the digital age.