Edward Swallow
Vice President, Business Development, Civil Systems Division and Lead for Civil Cyber, Northrop Grumman Information Systems

The major security issues on classified networks come from the inside and the lack of endpoint security. Strong asset management, knowing where your endpoints are, real-time network monitoring, and improved awareness training are all very important. Better controls over use of flash drives and other external devices being connected to the network would also improve protection from malware. Expanded use of thin clients will increase endpoint security by eliminating the ability to actively attach data carriage devices.

Investing in eDRM (electronic digital rights management) technology is the real key to data security. With eDRM, you define data use policy, e.g. who can do what, and for how long. It addresses issues of data at rest, data in transit, and data in use – an ultimate data security solution that takes network level attacks out of the picture.

John Bordwine
Public Sector CTO, Symantec

The key item to keep in mind is that if a human being touches it, there are going to be risks. Risks are created when humans interact with data and information in the system. So you have to define the appropriate security policies that take into consideration all aspects of the environment. Due to the high level of importance within a classified network, technology should be in place to better define a predictive analysis model.