Cybersecurity
ORNL Might Outsource Threat Detection, Response Work, CISO Says
Oak Ridge National Laboratory plans to outsource threat detection and response services to adopt a proactive approach to closing vulnerabilities, according to the lab's top cybersecurity official.
Kevin Kerr, ORNL's chief information security officer, told Nextgov that the number of cyber threats is too large for the laboratory's in-house security team and security operations center to handle.
“You have a changing environment, you have the ever-changing threat. So we started looking at an MTDR-type environment to help us and act as a force multiplier," Kerr said.
The vendor would not only handle ORNL's security but also track security threats across different sectors, potentially stopping threats before they are realized, Kerr said.
He added that having a vendor that can automate security operations would give the laboratory a holistic view of the threat landscape.
ORNL previously tapped industry to perform penetration testing because its in-house team did not have the time nor the expertise to handle the task.
Kerr said the penetration tests allowed ORNL to identify what its vulnerabilities are and learn how malicious hackers could have exploited them.
The process, Kerr added, has helped ORNL adopt a DevSecOps development cycle over the past year. He said having a managed threat detection and response service can boost security as much as third-party penetration testing did.
“Within 24 hours we had a team of 30 people on site. But that wasn’t there and it was reactive. With an MTDR, it’s there, it’s proactive," Kerr said regarding the previous penetration testing initiative.
Category: Popular Voices