Does It Matter That Michael Daniel May Indeed be a ‘total n00b’?

White House cybersecurity coordinator Michael Daniel made some comments recently about the demands of his job that subsequently blew up on Twitter. When questioned about whether a 17-year veteran of the OMB like himself really had the technological chops to serve as the nation’s cybersecurity czar, Daniel responded that “you don’t have to be a coder in order to really do well in this position. In fact, I think being too down in the weeds at the technical level could actually be a little of a distraction in that sense.” Nextgov caught up with Daniel after a citizen of the Internet, bastion of democracy that it is, branded him a “total n00b.”

While his Twitter critics are correct that Daniel himself can’t build a firewall, he told Nextgov that his office is making a huge push to “get more cyber-literate technologists trained and into jobs” -- an endeavor that might not require coding skills. Results from several of GBC’s recent studies appear to corroborate Daniel’s statements:

“We haven't fully confronted cybersecurity as a human behavior and motivation problem as opposed to just a technical problem,” he told Nextgov. “And until we really understand the human factor and change our approaches as a result of that understanding, we will continue to fail at solving this problem."

Evidence for this approach is particularly salient since the iCloud celebrity photo leak earlier this month, after which Apple CEO Tim Cook told the Wall Street Journal that the company had a responsibility to educate customers better in order to combat the human element of the problem.

GBC’s recent study confirms that unintentional human threats are considered the most serious, even among senior government officials. Respondents familiar with cybersecurity indicated that phishing/spear phishing and emails embedded with malware pose the greatest cyber threats to their agencies. Furthermore, GBC found that the greatest cybersecurity gaps at federal agencies are also human-centric. These include identity and access management, security tools, and security operations.

"The real underlying issue in the cybersecurity problem is not purely a technical problem,” he explained.

Regardless of the cybersecurity coordinator’s involvement, issues throughout the field are complicated by human factors. For instance, adopting continuous monitoring techniques is the next big thing on the defense community’s cyber agenda. GBC’s newest study examines the difficulties of using big data analytics in cybersecurity, and found that the three biggest challenges were non-technical in nature -- respondents identified budget constraints, lack of trained personnel, and a complex regulatory environment.

Top Challenges in Using Big Data for Cybersecurity

You can see the rest of GBC’s findings on the subject  here, and download the infographic here.