Colorado Springs Cybersecurity Market Strategy - November, 2015 Page 1
A Community Focused Approach to
Cybersecurity Excellence
Mayor's Vision: Colorado Springs
will be the Cybersecurity Capital of the World
Submitted by
Frank Backes, CEO
Braxton Science & Technology Group
6 North Tejon Street, Suite 220
Colorado Springs, CO 80903
frank.backes@braxtontech.com
Phone: 719-380-8488
Introduction
Data transport and security play a significant and increasingly important role in our personal
lives, businesses, and national security. The Internet has become the backbone of data
transport and security supplemented by networks used for banking, government, industry,
commercial, and civil systems. Virtually all businesses communicate internally and with their
suppliers and customers via the Web and email, and the US Government increasingly
communicates with citizens by online means. The rest of the developed world is in a similar
position, and much of the developing world is catching up fast.
Colorado Springs’ political leadership recognizes the importance of cybersecurity to our nation
and has determined it is highly desirable that our community has a strong, productive and
competitive cybersecurity industry, based on existing local resources, historical experience,
inherent knowledge, skills and capability. Colorado Springs finds itself in an enviable place
when considering where the US Government and Industry should invest in cybersecurity
capability. Several pillars differentiate and define our community’s ability to deliver on the
Mayor’s vision, “Colorado Springs will be the Cybersecurity Capital of the World”, as follows:
1. Headquarters Air Force Space Command – Organize, Train and Equip role for Space
and Cyber.
2. United States Northern Command (USNORTHCOM)
3. North American Aerospace Defense Command (NORAD) and NORAD
4. Schriever Air Force Base - Command and control for over 170 Department of Defense
warning, navigational, and communications satellites
5. Army Space and Missile Defense Command
6. Cheyenne Mountain Air Force Station
7. Joint Functional Component Command for Integrated Missile Defense (JFCC IMD)
8. Missile Defense Agency
9. US Air Force Academy – Future home of the Air Force Cyber Innovation Center (AFCIC)
10. UCCS, a world-class university capable of delivering education and research
11. Catalyst Campus for Technology Innovation – An industry-driven workforce
development, research, development, and operations facility focused on Cybersecurity
12. Commercial industry leaders in cybersecurity (FedEx, Oracle, root9B, MainNerve,
Progressive, and many others)
13. Home to more than 200 Aerospace and Defense industry companies with a vested
interest in the cybersecurity capabilities of our community
These community pillars are the pathway to Colorado Springs’ ‘brand’ in the cybersecurity
market. When combined and directed in a coordinated strategy, we have the opportunity to build
a successful, competitive and knowledge-based industry to exploit the undoubted need for
cybersecurity in the US and other countries. These pillars also represent the three required
elements for successful technology market leadership and economic sustainability.
1. Academic research and education
2. Industry expertise and investment
3. Operational customer base and revenue (Military and Commercial)
The Cybersecurity market is highly fragmented and heterogeneous. Its structure is complex and
not widely understood. In particular, there is considerable confusion and uncertainty regarding
the market dynamics for cybersecurity, in terms of demand, competitiveness and government’s
role in facilitating a strong cybersecurity capability for the nation. This white paper will strive to
clarify this market and describe how the technology pillars in our community can unite to
become the cybersecurity capital of the world.
Defining Cybersecurity Markets
The market structure and supply chain depend on the nature of the business being protected,
the extent of exposure to potential threats, and the value of an attack for the cyber-criminal. For
this report, we identified five separate and distinct submarkets, each of which has different end-
user organizations and supply chain players. Crossover between supply chains in the
submarkets is not straightforward.
The five submarkets are:
The Colorado Springs community has organizations that represent both customers and
suppliers of products and services in each cybersecurity sub-market. The sophistication,
motivations, and funding of cyber-criminals is the primary characteristic this paper is using to
differentiate each of these cybersecurity submarkets. The categories of cyber-criminals
considered are:
Terrorists
Organized Crime
Activists/Hacktivists Organizations
Insider Threats
Competitors/Corporate Espionage
Foreign Entities
Foreign Nation-states
Independent Hackers
Nation-states, terrorists, hackers and organized crime are the cybersecurity villains that
everybody loves to hate. While there is no doubt these cyber-criminals are a force to be
reckoned with, insiders, current and former employees, are increasingly a risk to many
organizations.
The Consumer and Small Business sub-market has cybersecurity needs, but these are less
sophisticated primarily due to the funding and type of cyber-criminal targeting this market
segment. The submarket for small businesses and consumers is aggregated here because the
supply chains serving their needs for products and services are similar. The cyber-criminals
focused in this market are operating mostly as individuals and command limited funding for their
capability.
The Business and Enterprise cybersecurity market is oriented around large commercial
enterprises securing their day-to-day business. This includes banks, telecommunications
companies, utility and energy firms, manufacturers and retailers, and its constituency comprises
the largest firms operating in the US. Some of these firms have a role to play in the nation’s
critical national infrastructure, but the nature of the threat is less than that for intelligence and
defense organizations. The cyber-criminals we find in this market include competitors, insiders,
independent hackers, organized crime, and hacktivists. These criminals can be well funded and
are looking for significant results and return for the risk they are taking in attacking a business or
enterprise.
The Industrial market segment includes Civil, Utility, Healthcare, Energy, Justice Systems, and
others: this submarket incorporates all the other government-funded cybersecurity tasks. It
includes security of health and education data, crime and criminal justice information, as well as
more run-of-the-mill (but essential) national infrastructure systems. As an example, among the
most publicized cybersecurity attacks of all time were the major breaches that occurred in 2014,
which successfully accessed US government databases holding personnel records and security-
clearance files containing sensitive information of about 22.1 million people, including not only
federal employees and contractors but their families and friends. It is believed by US officials
that the attack was sponsored by China, which was conducting a form of traditional espionage.
The Military and Intelligence submarket is focused on securing national assets, weapon
systems, the nation's secrets, and involves security and intelligence agencies. It incorporates
the most advanced (and most secret) cybersecurity technologies available. The attacks in this
market come from all players in the cyber-criminal spectrum. While terrorist groups and nation-
state backed cyber-criminals have significant funding and the most sophisticated capabilities,
insider threats have proven to be challenging to detect and mitigate but have had devastating
impacts. The Edward Snowden incident is a good example of the impact a single insider threat
can have.
In response to nation-state, terrorist, and sophisticated competitors engaged in industrial
espionage, the Ethical Offensive Cyber market has grown significantly. This is an arena that
requires technical, ethical, cultural, and legal expertise to be combined with products, services
and operational expertise to achieve the intended outcomes without breaking US constitutional
and international laws.
The purpose of identifying these five separate submarkets is not to silo these markets, or draw
hard and fast lines between them. In fact, there is a degree of crossover between buyers in the
submarkets in our model. The purpose is to identify the differences in supplier structures that
feed each of the submarkets and address them in reference to the value proposition that the
Colorado Springs community has to offer. From a supplier point of view, it is vitally important to
understand the characteristics of each particular market.
Selling into the defense and intelligence sub-market is entirely different than doing business with
small businesses and consumers, just as selling into large enterprises is different than selling
into the public sector (even beyond the defense and intelligence elements). The sophistication
and scale of the cybersecurity requirements, the credentials and clearance requirements, and
the way in which each submarket procures cybersecurity capability are all substantially different
in each sub-market. Suppliers to the cybersecurity market, therefore, need to understand the
dynamics of their particular target market. The Colorado Springs community must use this
information to adjust its strategies in developing and branding a cybersecurity economic
foundation.
Understanding Technology Creation & Revenue Lifecycle
The maturity of cybersecurity solutions can be assessed using traditional product development
lifecycle analysis. It is imperative that we understand the economic impact to our community in
each phase of the technology maturation process in order to prioritize and coordinate our
economic development activities. The first phase of technology development is focused around
education and fundamental research. The funding for fundamental research comes through
government grants and industry investments. These initial grants and investments are a fraction
of the funding that will be allocated to a new technology as it matures into a revenue generating
product. Once the basic principles have been studied, practical applications can be applied to
the initial findings from research.
The technology development phase is started when practical applications align with customer
demand. This is when the funding profile for technology development starts to include additional
industry and customer based funding. Generally both analytical and laboratory studies are
required at this phase to see if a technology is viable and ready to proceed further through the
development process. The technology development phase includes the creation of prototypes
that can be used to verify the technology application to the specific target markets and customer
requirements. Once the proof-of-concept technology is validated additional funding from
industry and customers can occur. Representatives from the
funding sources will require that the working model or prototype be demonstrated in a real world
environment to maintain the funding stream. When the technology has been applied to revenue
generating products or services it is ready for delivery to the cybersecurity market. Customer
demand and the ever changing threat environment represented in the cybersecurity market
cause the timeline for new cyber security technologies and products to be extremely short.
Some cybersecurity products go from concept to deployment in less than 6 months.
Colorado Springs will have to create an entrepreneurial, flexible, and supportive business
environment in order to capture the national and international revenue sources from
fundamental research through product sales; this is essential in branding our community as a
market leader in cybersecurity.
Three Pillars of Economic Sustainability in Colorado Springs
Academic Research and Education
Academic research and education is a foundational component of the economic sustainability
model recommended in this white paper. Our community has two excellent, internationally
known, universities: the US Air Force Academy (USAFA) and University of Colorado at
Colorado Springs (UCCS). By coordinating activities at these two universities we can address
the need for fundamental technology research and education in all five cybersecurity
submarkets.
UCCS can address the needs of the Consumer, Small Business and Large Business markets
while sharing technologies in the Industrial market with the USAFA. The USAFA is addressing
the needs of the Industrial, Defense and Intelligence, and the Ethical Offensive Cyber markets
through the creation of the Air Force Cyber Innovation Center (AFCIC). The AFCIC can uniquely
address the complex requirements associated with cybersecurity research for defense and
intelligence customers because of their specialized experience, access to cleared personnel
and secure facilities. The AFCIC is teaming with Catalyst Campus to create a bridge from
military-based fundamental research to industry-based applied research that will lead to
government and commercial cybersecurity architectures, products, and services.
Industry Expertise and Investment
Industry expertise and investment in our community can be delivered through the Catalyst
Campus. Catalyst Campus is building a unique Cyber and Space applied research and
development (R&D) laboratory/operations center in downtown Colorado Springs that can
operate as the hub for industry engagement in our community’s cybersecurity strategy. Catalyst
Campus is a collaborative ecosystem where industry (small business to medium sized entities,
start-ups, etc.) workforce development and venture capital intersect with the diverse resources
of Southern Colorado to create community, accelerate economic development and stimulate job
growth. Catalyst Campus is home to the following organizations and facilities:
1. Center for Technology, Research and Commercialization (C-TRAC) - A 501c3 non-profit
technology transfer and commercialization office that advances technology from industry
partners, the military, the government and/or other advanced industries through state-of-
the-art laboratories and operations center.
2. Southern Colorado Technology Alliance (SCTA) - A 501c6 non-profit membership
organization that caters to the needs of Southern Colorado’s aerospace, defense and
technology companies and provides mentorship and business opportunities for new
small businesses and entrepreneurs.
3. A collaborative environment with shared resources and small business support services
to stimulate innovation, advancement and job growth for Advanced Industries
(specifically aerospace and defense, cyber, software development, technology and
advanced manufacturing).
4. Catalyst Campus – Industry-driven education that supplies a trained and ready
workforce specific to Southern Colorado’s needs and future government contracts.
5. Applied research and development labs through a non-profit community “collaboratory”
to train the latest cybersecurity, software technologies, and programming languages.
Operational Customer Base and Revenue
The operational customer base and revenue needed to complete the third pillar of economic
sustainability for the cybersecurity ecosystem in Colorado Springs will come from our existing
military and commercial community partners. One source of research funding sponsored by the
U.S. Government is the Small Business Innovation Research (SBIR) and Small Business
Technology Transfer (STTR) program. This program is designed to serve the technology needs
of the USG and tap into innovative small businesses. These programs, together with the people
who manage them, accomplish this as part of the USG technology development efforts to
identify and provide advanced, affordable, and integrated technologies. For example, the Air
Force Research Laboratory (AFRL) executes the SBIR and STTR programs for the Air Force.
Over $3 million in research funding from AFRL has already been committed to be implemented
in the laboratories and operations center on the Catalyst Campus. In addition, Catalyst Campus
has identified an additional $20 million in SBIR Phase 3 funding in the planning stages that may
be awarded to Colorado Springs headquartered companies in the near future.
The maturity of cybersecurity solutions, like many technologies, can be assessed using
Technology Readiness Levels (TRL) analysis. TRL is a type of measurement system used by
government programs to assess the maturity level of a particular technology. Each technology
idea is evaluated against the parameters for each technology level and is then assigned a TRL
rating based on the maturity of the technology. There are nine technology readiness levels. TRL
1 is the lowest and TRL 9 is the highest. When a technology is at TRL 1, scientific research is
beginning and those results are being translated into future research and development. TRL 2
occurs once the basic principles have been studied and practical applications can be applied to
those initial findings. TRL 2 technology is very speculative, as there is little to no experimental
proof-of-concept for the technology.
When active research and design begin, a technology is elevated to TRL 3. Generally both
analytical and laboratory studies are required at this level to see if a technology is viable and
ready to proceed further through the development process. Often during TRL 3, a proof-of-
concept model is constructed.
Once the proof-of-concept technology is ready, the technology advances to TRL 4. During
TRL 4, multiple components are tested with one another. TRL 5 is a continuation of TRL 4;
however, a technology that is at TRL 5 is ready for more rigorous testing using simulations that
are as close to representative of real world application as possible. Once the testing of TRL 5 is
complete, a technology may advance to TRL 6. A TRL 6 technology has a fully functional
prototype or representational model.
TRL 7 technology requires that the working model or prototype be demonstrated in a real world
environment. TRL 8 technology has been tested and "operationally qualified" and it is ready for
implementation into an already existing technology or technology system. Once a technology
has been "operationally proven" during a real mission, it can be called TRL 9. The TRL model
for assessment can also be used to understand the sources, timing, and magnitude of revenue
associated with a new technology.
The Air Force supports transition from basic research to capability delivery through the
Commercialization Readiness Program (CRP). Whether you are a SBIR/STTR veteran or have
just received your first Phase I contract, you should already be focused on achieving technology
transition and commercial success. The primary objective of the CRP is to accelerate the
transition of SBIR/STTR-developed technologies into real-world military and commercial
applications. To achieve these goals the CRP team gets involved early and stays engaged
throughout the process.
Conclusion & Recommendations
This white paper has identified cybersecurity markets that the community of Colorado Springs is
in a position to lead on a national and international scale. Three pillars of critical capability and
resources already exist in our community. Today these critical community resources operate
independently and occasionally in competition with one another. If Colorado Springs is going to
achieve the vision for the future laid out by Mayor John Suthers, we will need to coordinate our
activities and develop brand recognition nationally and internationally in the cybersecurity
market and submarkets identified in this white paper.
Recommendations
Set up a Mayor-sponsored task force chartered to coordinate the activities of our critical
community resources capable of delivering on the cybersecurity vision of the future. The
members of this task force should be the contributors and stakeholders in the Mayor’s vision:
1. City Official tasked with implementation of the Mayor’s vision
2. A representative from the Colorado Springs Regional Business Alliance who speaks for
local industry
3. A representative from UCCS responsible for the cybersecurity strategy
4. A representative from the USAFA responsible for the implementation of the AFCIC
5. A representative from Catalyst Campus Center for Technology, Research and
Commercialization (C-TRAC)
6. An economic sustainability expert from the community
7. A representative from the local Military
Some of the efforts this task force should focus on are:
1. Develop a branding and marketing strategy for the City of Colorado Springs that clearly
identifies our community as an ideal place to start and grow a cybersecurity business.
2. Coordinate research opportunities from DoD, Homeland Security, NASA, Intelligence
Agencies, and Commercial Companies with a focus on capturing funding and investment
for cybersecurity projects to be executed locally.
3. Work through the Colorado Springs Regional Business Alliance, local investors and
business owners to put a strategy in place to develop, acquire and grow cybersecurity
companies establishing or moving their headquarters and research and development
activities to Colorado Springs.
4. Encourage teaming and cooperation between academia, industry, and government in
our community to speak in one voice with one vision.
Colorado Springs
will be the Cybersecurity Capital of the World

Mais conteúdo relacionado

Mais procurados

Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. Framework
Divya Kothari
 
State of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingState of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in Banking
IJSRED
 
Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014
Adriana Sanford
 

Mais procurados (17)

Cyber Warfare
Cyber WarfareCyber Warfare
Cyber Warfare
 
Global Cyber Market Overview June 2017
Global Cyber Market Overview June 2017Global Cyber Market Overview June 2017
Global Cyber Market Overview June 2017
 
Security Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. FrameworkSecurity Compliance Models- Checklist v. Framework
Security Compliance Models- Checklist v. Framework
 
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the BoardroomCritical Update Needed: Cybersecurity Expertise in the Boardroom
Critical Update Needed: Cybersecurity Expertise in the Boardroom
 
Etude PwC/CIO/CSO sur la sécurité de l'information (2014)
Etude PwC/CIO/CSO sur la sécurité de l'information (2014)Etude PwC/CIO/CSO sur la sécurité de l'information (2014)
Etude PwC/CIO/CSO sur la sécurité de l'information (2014)
 
Cyber security market
Cyber security market Cyber security market
Cyber security market
 
State of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in BankingState of Cyber Crime Safety and Security in Banking
State of Cyber Crime Safety and Security in Banking
 
IT_Cutter_Publication
IT_Cutter_PublicationIT_Cutter_Publication
IT_Cutter_Publication
 
Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014Data Security and Privacy Under The Compliance Spotlight April 2014
Data Security and Privacy Under The Compliance Spotlight April 2014
 
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
2014 GRC Conference in West Palm Beach-Moderated by Sonia Luna
 
WCIT 2014 Matt Stamper - Information Assurance in a Global Context
WCIT 2014 Matt Stamper - Information Assurance in a Global ContextWCIT 2014 Matt Stamper - Information Assurance in a Global Context
WCIT 2014 Matt Stamper - Information Assurance in a Global Context
 
Eamonn O Raghallaigh Major Security Issues In E Commerce
Eamonn O Raghallaigh   Major Security Issues In E CommerceEamonn O Raghallaigh   Major Security Issues In E Commerce
Eamonn O Raghallaigh Major Security Issues In E Commerce
 
Accenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threatsAccenture re-organizing-todays-cyber-threats
Accenture re-organizing-todays-cyber-threats
 
IC3 2019 Internet Crime Report
IC3 2019 Internet Crime ReportIC3 2019 Internet Crime Report
IC3 2019 Internet Crime Report
 
Online Trust Alliance Recommendations
Online Trust Alliance RecommendationsOnline Trust Alliance Recommendations
Online Trust Alliance Recommendations
 
Breach level index_report_2017_gemalto
Breach level index_report_2017_gemaltoBreach level index_report_2017_gemalto
Breach level index_report_2017_gemalto
 
Whitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_enWhitepaper 2015 industry_drilldown_finance_en
Whitepaper 2015 industry_drilldown_finance_en
 

Semelhante a Cybersecurity A Community Approach - 20151109

CyberSecurityBook[Final]
CyberSecurityBook[Final]CyberSecurityBook[Final]
CyberSecurityBook[Final]
Lucy Kitchin
 
Not Prepared for Hacks .docx
                 Not Prepared for Hacks    .docx                 Not Prepared for Hacks    .docx
Not Prepared for Hacks .docx
hallettfaustina
 
wp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industrywp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industry
Numaan Huq
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
AnastaciaShadelb
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
ChantellPantoja184
 
wp-us-cities-exposed-industries-and-ics
wp-us-cities-exposed-industries-and-icswp-us-cities-exposed-industries-and-ics
wp-us-cities-exposed-industries-and-ics
Numaan Huq
 
wp-us-cities-exposed-industries-and-ics
wp-us-cities-exposed-industries-and-icswp-us-cities-exposed-industries-and-ics
wp-us-cities-exposed-industries-and-ics
Thomas Hughes
 
Cyberfort syllabus & career
Cyberfort syllabus & careerCyberfort syllabus & career
Cyberfort syllabus & career
Amit Kumar
 

Semelhante a Cybersecurity A Community Approach - 20151109 (20)

CyberSecurityBook[Final]
CyberSecurityBook[Final]CyberSecurityBook[Final]
CyberSecurityBook[Final]
 
Not Prepared for Hacks .docx
                 Not Prepared for Hacks    .docx                 Not Prepared for Hacks    .docx
Not Prepared for Hacks .docx
 
Delusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceoDelusions of-safety-cyber-savvy-ceo
Delusions of-safety-cyber-savvy-ceo
 
Digital Forensics Market, Size, Global Forecast 2023-2028
Digital Forensics Market, Size, Global Forecast 2023-2028Digital Forensics Market, Size, Global Forecast 2023-2028
Digital Forensics Market, Size, Global Forecast 2023-2028
 
wp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industrywp-cyber-threats-to-the-mining-industry
wp-cyber-threats-to-the-mining-industry
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
12Cyber Research ProposalCyb
12Cyber Research ProposalCyb12Cyber Research ProposalCyb
12Cyber Research ProposalCyb
 
The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017The 10 Fastest Growing Cyber Security Companies of 2017
The 10 Fastest Growing Cyber Security Companies of 2017
 
wp-us-cities-exposed-industries-and-ics
wp-us-cities-exposed-industries-and-icswp-us-cities-exposed-industries-and-ics
wp-us-cities-exposed-industries-and-ics
 
wp-us-cities-exposed-industries-and-ics
wp-us-cities-exposed-industries-and-icswp-us-cities-exposed-industries-and-ics
wp-us-cities-exposed-industries-and-ics
 
Online security – an assessment of the new
Online security – an assessment of the newOnline security – an assessment of the new
Online security – an assessment of the new
 
Understanding the black hat hacker eco system
Understanding the black hat hacker eco systemUnderstanding the black hat hacker eco system
Understanding the black hat hacker eco system
 
Cyber Security for Oil and Gas
Cyber Security for Oil and Gas Cyber Security for Oil and Gas
Cyber Security for Oil and Gas
 
2022 Cybersecurity Predictions
2022 Cybersecurity Predictions2022 Cybersecurity Predictions
2022 Cybersecurity Predictions
 
Cyberfort syllabus & career
Cyberfort syllabus & careerCyberfort syllabus & career
Cyberfort syllabus & career
 
Cyberfort syllabus & career
Cyberfort syllabus & careerCyberfort syllabus & career
Cyberfort syllabus & career
 
Is Your Organization in Crisis?
Is Your Organization in Crisis?Is Your Organization in Crisis?
Is Your Organization in Crisis?
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Get Prepared
Get PreparedGet Prepared
Get Prepared
 
American Bar Association guidelines on Cyber Security standards
American Bar Association guidelines on Cyber Security standardsAmerican Bar Association guidelines on Cyber Security standards
American Bar Association guidelines on Cyber Security standards
 

Cybersecurity A Community Approach - 20151109

  • 1. Colorado Springs Cybersecurity Market Strategy - November, 2015 Page 1 A Community Focused Approach to Cybersecurity Excellence Mayor's Vision: Colorado Springs will be the Cybersecurity Capital of the World Submitted by Frank Backes, CEO Braxton Science & Technology Group 6 North Tejon Street, Suite 220 Colorado Springs, CO 80903 frank.backes@braxtontech.com Phone: 719-380-8488
  • 2. Colorado Springs Cybersecurity Market Strategy - November, 2015 Page 2 Introduction Data transport and security plays a significant and increasingly important role in our personal lives, businesses, and national security. The Internet has become the backbone of data transport and security supplemented by networks used for banking, government, industry, commercial, and civil systems. Virtually all businesses communicate internally and with their suppliers and customers via the Web and email, and the US Government increasingly communicates with citizens by online means. The rest of the developed world is in a similar position, and much of the developing world is catching up fast. Colorado Springs’ political leadership recognizes the importance of cybersecurity to our nation and has determined it is highly desirable that our community has a strong, productive and competitive cybersecurity industry, based on existing local resources, historical experience, inherent knowledge, skills and capability. Colorado Springs finds itself in an enviable place when considering where the US Government and Industry should invest in cybersecurity capability. Several pillars differentiate and define our community’s ability to deliver on the Mayor’s vision, “Colorado Springs will be the Cybersecurity Capital of the World”, as follows: 1. Headquarters Air Force Space Command – Organize, Train and Equip role for Space and Cyber. 2. United States Northern Command (USNORTHCOM) 3. North American Aerospace Defense Command (NORAD) and NORAD 4. Schriever Air Force Base - Command and control for over 170 Department of Defense warning, navigational, and communications satellites 5. Army Space and Missile Defense Command 6. Cheyenne Mountain Air Force Station 7. Joint Functional Component Command for Integrated Missile Defense (JFCC IMD) 8. Missile Defense Agency
  • 3.
    9. US Air Force Academy – Future home of the Air Force Cyber Innovation Center (AFCIC)
    10. UCCS, a world-class university capable of delivering education and research
    11. Catalyst Campus for Technology Innovation – An industry-driven workforce development, research, development, and operations facility focused on Cybersecurity
    12. Commercial industry leaders in cybersecurity (FedEx, Oracle, root9B, MainNerve, Progressive, and many others)
    13. Home to more than 200 Aerospace and Defense industry companies with a vested interest in the cybersecurity capabilities of our community
    These community pillars are the pathway to Colorado Springs’ ‘brand’ in the cybersecurity market. When combined and directed in a coordinated strategy, we have the opportunity to build a successful, competitive and knowledge-based industry to exploit the undoubted need for cybersecurity in the US and other countries. These pillars also represent the three required elements for successful technology market leadership and economic sustainability:
    1. Academic research and education
    2. Industry expertise and investment
    3. Operational customer base and revenue (Military and Commercial)
    The Cybersecurity market is highly fragmented and heterogeneous. Its structure is complex and not widely understood. In particular, there is considerable confusion and uncertainty regarding the market dynamics for cybersecurity, in terms of demand, competitiveness and government’s role in facilitating a strong cybersecurity capability for the nation. This white paper will strive to clarify this market and describe how the technology pillars in our community can unite to become the cybersecurity capital of the world.
  • 4. Defining Cybersecurity Markets
    The market structure and supply chain depend on the nature of the business being protected, the extent of exposure to potential threats, and the value of an attack for the cyber-criminal. For this report, we identified five separate and distinct submarkets, each of which has different end-user organizations and supply chain players. Crossover between supply chains in the submarkets is not straightforward. The five submarkets are:
    The Colorado Springs community has organizations that represent both customers and suppliers of products and services in each cybersecurity sub-market. The sophistication, motivations, and funding of cyber-criminals is the primary characteristic this paper is using to
  • 5. differentiate each of these cybersecurity submarkets. The categories of cyber-criminals considered are: Terrorists Competitors/Corporate Espionage Organized Crime Foreign Entities Activists/Hacktivists Organizations Foreign Nation-states Insider Threats Independent Hackers
    Nation-states, terrorists, hackers and organized crime are the cybersecurity villains that everybody loves to hate. While there is no doubt these cyber-criminals are a force to be reckoned with, insiders, both current and former employees, are increasingly a risk to many organizations.
    The Consumer and Small Business sub-market has cybersecurity needs, but these are less sophisticated, primarily due to the funding and type of cyber-criminal targeting this market segment. The submarket for small businesses and consumers is aggregated here because the supply chains serving their needs for products and services are similar. The cyber-criminals focused on this market are operating mostly as individuals and command limited funding for their capability.
    The Business and Enterprise cybersecurity market is oriented around large commercial enterprises securing their day-to-day business. This includes banks, telecommunications companies, utility and energy firms, manufacturers and retailers, and its constituency comprises the largest firms operating in the US. Some of these firms have a role to play in the nation’s critical national infrastructure, but the nature of the threat is less than that for intelligence and defense organizations. The cyber-criminals we find in this market include competitors, insiders, independent hackers, organized crime, and hacktivists. These criminals can be well funded and
  • 6. are looking for significant results and return for the risk they are taking in attacking a business or enterprise.
    The Industrial market segment includes Civil, Utility, Healthcare, Energy, Justice Systems, and others: this submarket incorporates all the other government-funded cybersecurity tasks. It includes security of health and education data, crime and criminal justice information, as well as more run-of-the-mill (but essential) national infrastructure systems. As an example, among the most publicized cybersecurity attacks of all time were the major breaches that occurred in 2014, which successfully accessed US government databases holding personnel records and security-clearance files containing sensitive information of about 22.1 million people, including not only federal employees and contractors but their families and friends. It is believed by US officials that the attack was sponsored by China, which was conducting a form of traditional espionage.
    The Military and Intelligence submarket is focused on securing national assets, weapon systems, and the nation's secrets, and involves security and intelligence agencies. It incorporates the most advanced (and most secret) cybersecurity technologies available. The attacks in this market come from all players in the cyber-criminal spectrum. While terrorist groups and nation-state backed cyber-criminals have significant funding and the most sophisticated capabilities, insider threats have proven to be challenging to detect and mitigate and have had devastating impacts. The Edward Snowden incident is a good example of the impact a single insider threat can have.
    In response to nation-state, terrorist, and sophisticated competitors engaged in industrial espionage, the Ethical Offensive Cyber market has grown significantly. This is an arena that requires technical, ethical, cultural, and legal expertise to be combined with products, services and operational expertise to achieve the intended outcomes without breaking US constitutional and international laws.
  • 7. The purpose of identifying these five separate submarkets is not to silo these markets, or draw hard and fast lines between them. In fact, there is a degree of crossover between buyers in the submarkets in our model. The purpose is to identify the differences in supplier structures that feed each of the submarkets and address them in reference to the value proposition that the Colorado Springs community has to offer.
    From a supplier point of view, it is vitally important to understand the characteristics of each particular market. Selling into the defense and intelligence sub-market is entirely different than doing business with small businesses and consumers, just as selling into large enterprises is different than selling into the public sector (even beyond the defense and intelligence elements). The sophistication and scale of the cybersecurity requirements, the credentials and clearance requirements, and the way in which each submarket procures cybersecurity capability are all substantially different in each sub-market. Suppliers to the cybersecurity market, therefore, need to understand the dynamics of their particular target market. The Colorado Springs community must use this information to adjust its strategies in developing and branding a cybersecurity economic foundation.
    Understanding Technology Creation & Revenue Lifecycle
    The maturity of cybersecurity solutions can be assessed using traditional product development lifecycle analysis. It is imperative that we understand the economic impact to our community in each phase of the technology maturation process in order to prioritize and coordinate our economic development activities.
    The first phase of technology development is focused around education and fundamental research. The funding for fundamental research comes through government grants and industry investments. These initial grants and investments are a fraction of the funding that will be allocated to a new technology as it matures into a revenue generating
  • 8. product. Once the basic principles have been studied, practical applications can be applied to the initial findings from research.
    The technology development phase is started when practical applications align with customer demand. This is when the funding profile for technology development starts to include additional industry and customer based funding. Generally both analytical and laboratory studies are required at this phase to see if a technology is viable and ready to proceed further through the development process. The technology development phase includes the creation of prototypes that can be used to verify the technology application to the specific target markets and customer requirements. Once the proof-of-concept technology is validated, additional funding from industry and customers can occur. Representatives from the funding sources will require that the working model or prototype be demonstrated in a real world environment to maintain the funding stream.
    When the technology has been applied to revenue generating products or services it is ready for delivery to the cybersecurity market. Customer demand and the ever changing threat environment represented in the cybersecurity market cause the timeline for new cybersecurity technologies and products to be extremely short. Some cybersecurity products go from concept to deployment in less than 6 months. Colorado Springs will have to create an entrepreneurial, flexible, and supportive business environment in order to capture the national and international revenue sources from fundamental research through product sales; this is essential in branding our community as a market leader in cybersecurity.
  • 9. Three Pillars of Economic Sustainability in Colorado Springs
    Academic Research and Education
    Academic research and education is a foundational component of the economic sustainability model recommended in this white paper. Our community has two excellent, internationally known, universities: the US Air Force Academy (USAFA) and University of Colorado at Colorado Springs (UCCS). By coordinating activities at these two universities we can address the need for fundamental technology research and education in all five cybersecurity submarkets. UCCS can address the needs of the Consumer, Small Business and Large Business markets while sharing technologies in the Industrial market with the USAFA. The USAFA is addressing the needs of the Industrial, Defense and Intelligence, and the Ethical Offensive Cyber markets through the creation of the Air Force Cyber Innovation Center (AFCIC). The AFCIC can uniquely address the complex requirements associated with cybersecurity research for defense and intelligence customers because of their specialized experience, access to cleared personnel and secure facilities. The AFCIC is teaming with Catalyst Campus to create a bridge from military-based fundamental research to industry-based applied research that will lead to government and commercial cybersecurity architectures, products, and services.
    Industry Expertise and Investment
    Industry expertise and investment in our community can be delivered through the Catalyst Campus. Catalyst Campus is building a unique Cyber and Space applied research and development (R&D) laboratory/operations center in downtown Colorado Springs that can operate as the hub for industry engagement in our community’s cybersecurity strategy. Catalyst Campus is a collaborative ecosystem where industry (small business to medium sized entities,
  • 10. start-ups, etc.) workforce development and venture capital intersect with the diverse resources of Southern Colorado to create community, accelerate economic development and stimulate job growth. Catalyst Campus is home to the following organizations and facilities:
    1. Center for Technology, Research and Commercialization (C-TRAC) - A 501c3 non-profit technology transfer and commercialization office that advances technology from industry partners, the military, the government and/or other advanced industries through state-of-the-art laboratories and operations center.
    2. Southern Colorado Technology Alliance (SCTA) - A 501c6 non-profit membership organization that caters to the needs of Southern Colorado’s aerospace, defense and technology companies and provides mentorship and business opportunities for new small businesses and entrepreneurs.
    3. A collaborative environment with shared resources and small business support services to stimulate innovation, advancement and job growth for Advanced Industries (specifically aerospace and defense, cyber, software development, technology and advanced manufacturing).
    4. Catalyst Campus – Industry-driven education that supplies a trained and ready workforce specific to Southern Colorado’s needs and future government contracts.
    5. Applied research and development labs through a non-profit community “collaboratory” to train the latest cybersecurity, software technologies, and programming languages.
    Operational Customer Base and Revenue
    The operational customer base and revenue needed to complete the third pillar of our economic sustainability for cybersecurity ecosystem in Colorado Springs will come from our existing military and commercial community partners. One source of research funding sponsored by the U.S. Government is the Small Business Innovation Research (SBIR) and Small Business
  • 11. Technology Transfer (STTR) program. This program is designed to serve the technology needs of the USG and tap into innovative small businesses. These programs, together with the people who manage them, accomplish this as part of the USG technology development efforts to identify and provide advanced, affordable, and integrated technologies. For example, the Air Force Research Laboratory (AFRL) executes the SBIR and STTR programs for the Air Force. Over $3 million in research funding from AFRL has already been committed to be implemented in the laboratories and operations center on the Catalyst Campus. In addition, Catalyst Campus has identified an additional $20 million in SBIR Phase 3 funding in the planning stages that may be awarded to Colorado Springs headquartered companies in the near future.
    The maturity of cybersecurity solutions, like many technologies, can be assessed using Technology Readiness Levels (TRL) analysis. TRL is a type of measurement system used by government programs to assess the maturity level of a particular technology. Each technology idea is evaluated against the parameters for each technology level and is then assigned a TRL rating based on the maturity of the technology. There are nine technology readiness levels. TRL 1 is the lowest and TRL 9 is the highest.
    When a technology is at TRL 1, scientific research is beginning and those results are being translated into future research and development. TRL 2 occurs once the basic principles have been studied and practical applications can be applied to
  • 12. those initial findings. TRL 2 technology is very speculative, as there is little to no experimental proof-of-concept for the technology.
    When active research and design begin, a technology is elevated to TRL 3. Generally both analytical and laboratory studies are required at this level to see if a technology is viable and ready to proceed further through the development process. Often during TRL 3, a proof-of-concept model is constructed.
    Once the proof-of-concept technology is ready, the technology advances to TRL 4. During TRL 4, multiple components are tested with one another. TRL 5 is a continuation of TRL 4; however, a technology that is at TRL 5 is ready for more rigorous testing using simulations that are as close to representative of real world application as possible. Once the testing of TRL 5 is complete, a technology may advance to TRL 6. A TRL 6 technology has a fully functional prototype or representational model.
    TRL 7 technology requires that the working model or prototype be demonstrated in a real world environment. TRL 8 technology has been tested and "operationally qualified" and it is ready for implementation into an already existing technology or technology system. Once a technology has been "operationally proven" during a real mission, it can be called TRL 9.
    The TRL model for assessment can also be used to understand the sources, timing, and magnitude of revenue associated with a new technology. The Air Force supports transition from basic research to capability delivery through the Commercialization Readiness Program (CRP). Whether you are a SBIR/STTR veteran or have just received your first Phase I contract, you should already be focused on achieving technology transition and commercial success. The primary objective of the CRP is to accelerate the transition of SBIR/STTR-developed technologies into real-world military and commercial
  • 13. applications. To achieve these goals the CRP team gets involved early and stays engaged throughout the process.
    Conclusion & Recommendations
    This white paper has identified cybersecurity markets that the community of Colorado Springs is in a position to lead on a national and international scale. Three pillars of critical capability and resources already exist in our community. Today these critical community resources operate independently and occasionally in competition with one another. If Colorado Springs is going to achieve the vision for the future laid out by Mayor John Suthers, we will need to coordinate our activities and develop brand recognition nationally and internationally in the cybersecurity market and submarkets identified in this white paper.
    Recommendations
    Set up a Mayor-sponsored task force chartered to coordinate the activities of our critical community resources capable of delivering on the cybersecurity vision of the future. The members of this task force should be the contributors and stakeholders in the Mayor’s vision:
    1. City Official tasked with implementation of the Mayor’s vision
    2. A representative from the Colorado Springs Regional Business Alliance who speaks for local industry
    3. A representative from UCCS responsible for the cybersecurity strategy
    4. A representative from the USAFA responsible for the implementation of the AFCIC
    5. A representative from Catalyst Campus Center for Technology, Research and Commercialization (C-TRAC)
    6. An economic sustainability expert from the community
    7. A representative from the local Military
  • 14. Some of the efforts this task force should focus on are:
    1. Develop a branding and marketing strategy for the City of Colorado Springs that clearly identifies our community as an ideal place to start and grow a cybersecurity business.
    2. Coordinate research opportunities from DoD, Homeland Security, NASA, Intelligence Agencies, and Commercial Companies with a focus on capturing funding and investment for cybersecurity projects to be executed locally.
    3. Work through the Colorado Springs Regional Business Alliance, local investors and business owners to put a strategy in place to develop, acquire and grow cybersecurity companies establishing or moving their headquarters and research and development activities to Colorado Springs.
    4. Encourage teaming and cooperation between academia, industry, and government in our community to speak in one voice with one vision.
    Colorado Springs will be the Cybersecurity Capital of the World