Cyber, cyber, cyber

The newly appointed executive director of the US’ National Cyber Security Alliance (NCSA) is relishing the challenge of building cybersecurity awareness.

“This is such an incredible role, if I could have designed a career for myself, this would be it,” Kelvin Coleman, the new executive director of the NCSA, told The Daily Swig

It may be a perfect job, but it’s also demanding, and one that carries an extremely broad remit.

The NCSA is charged with raising cybersecurity awareness for home users, small and medium-sized businesses and educational institutions, through partnerships with private sector companies, non-profits, and the Department of Homeland Security (DHS).

This last organization is one that Coleman knows well – he spent nine years at the DHS’ Office of Cybersecurity and Communications working on national guidelines for workforce cybersecurity safety before joining FireEye’s Intelligence and Special Programs Division.

“My boss at Homeland Security asked me what we were doing to mitigate the challenge of cybersecurity, and that started my career in this area,” he said.

“A lot was being done, but there was no centrally coordinating entity that would bring it all together. That’s what I was challenged to do, and I think we did a pretty decent job.”

As executive director of the NCSA, Coleman said his main aim is to improve cybersecurity awareness, pointing out that the majority of breaches are caused by human rather than technological errors.

“If this was just a product or processes problem, we could have solved it a long time ago,” he said. “[That’s] because products are generally pretty good, and the business models for a lot of technology companies is to be the best so that we buy their products.”

“The trend I see round the corner is to focus on the human beings,” he added.

Coleman also highlighted the way so-called Generation Z is now starting to enter the workforce, bringing new attitudes and risks of their own.

“It’s going to have an impact on companies next year, and the year after, and the year after that, and we’re going to have to really adjust and figure out technology usage for Generation Z because this is all they've known," he said.

Familiarity breeds contempt, and many of that generation may lack some of their elders’ caution, Coleman believes.

“They’re still young people and no matter what discipline we’re talking about, they tend to be much more adventurous than older people – and I don’t think that’s a technology thing, I think that’s a brain thing, a neurological thing,” he said.

“While they are more savvy at using technology and implementing technology, we want to make sure that they are just as savvy at implementing security.”

A large part of Coleman’s work will involve travelling around the country on awareness-raising campaigns, but he’s particularly keen to build on the NCSA’s history of industry collaboration.

In one current effort, the organization is working with Intel on a campaign called #UpdateMeow, using rewards from t-shirts to cat pillows as an incentive.

“We want people to secure their system to make sure that they have a clean machine by patching it and making sure they are doing everything they can to improve security,” Coleman said.

Other initiatives include National Cybersecurity Awareness Month, which takes place every October, bringing together the DHS, the NCSA, multinationals, and academic institutions to promote the safe and secure use of the internet as well as digital privacy.

Coleman said he hopes to build on the goodwill from this event for future awareness-raising initiatives around the US.

“I started two weeks ago, and it’s like drinking from a fire hose – information is coming left and right – but I do love it, and I have a great, great staff,” he said. “Who wouldn’t want to go round the country and world to build partnerships and help folks that really don’t understand what cyber’s all about?”