George McKenzie founded a successful cybersecurity company, now leads the Accenture Federal Cyber business, and always welcomes a challenge
What are the main security challenges our clients now face?
GEORGE McKENZIE: Talent is the most significant challenge. When it comes to cyber, there’s just not enough supply to meet ever-growing demand. And while cyber talent is scarce for both the public and private sectors, the obstacles are greater for government given the challenges around workplace flexibility and compensation. It can be difficult for agencies to compete for skills, and yet they must. After all, in addition to the longstanding need to protect citizen and government services, cyber represents the next-generation battlefield for governmental warfare.
How can governments overcome the challenges?
GM: A big part of the answer lies in harnessing shared services, security automation and orchestration, and artificial intelligence (AI). Automating the routine and amplifying the cyber workforce effectiveness can help government agencies close the skill gap.
At the same time, as agencies migrate away from on-premise systems to the cloud, that shift has incredible potential to increase security and re-imagine secure citizen services. But cloud migration isn’t a cure-all. When you “lift and shift” a poorly written, poorly designed app to the cloud, you’re just relocating your security problems.
Right now, agencies have a once-in-a-lifetime opportunity to embrace IT transformation. This is a chance to rethink everything about technology and the way in which our citizens securely interact with government services and have confidence in our ability to protect their data privacy. With that in mind, I encourage organizations not to “lift and shift” but rather to innovate and migrate.
How do you see the role of new technologies, such as IoT and AI, affecting our clients?
GM: IoT builds on a growing trend: the disappearing network perimeter. With IoT, your network edge is pushed out to every user input device—from phones and laptops to soda machines and coffeepots. In other words, every IoT sensor or device becomes part of what you must defend.
I see AI becoming a tremendous ally in the cyber battlefield. When you’re dealing with threats and attack vectors of massive scale, it’s one of the mechanisms for leveraging vast quantities of data from an infinite number of sources. Machine learning can spot trends that human eyes would miss, and you can use those insights to determine what’s normal and abnormal and then more readily identify potentially dangerous activity in your environment.
Which innovations are you most excited about?
GM: To be honest, I’m less excited about specific technologies and more energized by the fact that cyber is constantly evolving. The job is never the same; you’re never solving a stagnant challenge.
Beyond that, I’m looking forward to continued opportunities to help clients automate the “mundane” aspects of security so they can focus on more advanced adversaries. A terrific example of that is the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Program, which is providing a single dashboard for all agencies to report vulnerabilities. This is a form of shared services—empowering agencies to learn from each other and maximize the value of information, threat intelligence and informed risk-based decisions.