Preparing for a potential cyberattack enables agencies to regain the use of critical systems and infrastructures as soon as possible after a crisis. However, according to Federal leaders, the human element of any cyber preparedness plan remains a top challenge.
A disaster recovery plan aims to ensure operational continuity following a cyberattack; it provides data asset protection and prevents potential data loss in the future. Yet a plan is only as effective as its defensive line – the workforce – said Kenneth Miltenberger, branch chief for the Cyber Red & Blue Team at the U.S. Coast Guard.
“I think that the humans in the loop will always be a challenge [as] human error is somewhat unavoidable,” Miltenberger said during a virtual event organized by AFCEA on June 14.
To ensure a strong front-line defense, an enterprise must ensure that everyone on the team has an opportunity to strengthen their relevant skills. This helps make sure that every team member can perform their responsibilities day in and day out. With proper training, “this challenge can be surpassed and strengthen your defense,” Miltenberger added.
Brian Merrick, director of the Cloud Program Management Office at the Bureau of Information Resource Management for the State Department, echoed Miltenberger’s assessment that the largest challenge in a cyber preparedness plan is the “human in the loop.”
Merrick learned this first-hand when an incident – and lack of communication among his workforce – resulted in lost data.
“We learned from this incident that open communication and training is crucial to this not happening again,” Merrick said. “We need to make sure that everyone on our team understands what our cyber plan is and what their responsibility in our cyber posture is, whether that is ensuring data backups are up to date or limiting access to users.”
Additionally, Merrick and Miltenberger explained that preparing for a cyberattack and overcoming the human challenge in training should not be limited to the IT team.
“Cyber is a team sport, not an IT sport, which means everyone in your enterprise must be aware of the organization’s cybersecurity strategies in real-time this means open communication and efficient cyber training,” Miltenberger said.