U.S. Africa Command (AFRICOM) is part of the U.S. government’s approach to foreign engagement. Specifically, it is the Defence Department’s military engagement facet of the whole government approach to diplomacy, development and defence. Typically, diplomacy and development are the engagements of the State Department and the embassies while defence engagements, including cybersecurity, come under the remit of AFRICOM.
“We are unique across the spectrum of other similar geographical commands like Southern Command or European Command,” explains AFRICOM’s CISO Ryan Larsen. “Most have external service providers, but we do a lot of our IT service delivery organically. My day as CISO, and my team’s day, can feature a broad spectrum of activities. We investigate specific events or vulnerabilities on a given system or network. The team talk through engagements with foreign partners across the African continent. Together, we develop talking points and feedback to inform the president and work on congressional testimony. It’s a very broad scope.”
Cybersecurity journey
“Working with my colleagues during my six years at AFRICOM, we’ve had an opportunity to assess and implement a range of technologies, champion modernisation, create efficiencies and do some wonderful work,” reflects Larsen. “We’ve seen positive results, both in our ability to do business organically, but also to engage with partners and execute our mission. I often like to say to my colleagues, ‘I’m a Marine, I like things simple so let’s focus on the basics.’ If you can focus on the basics and get the daily muscle movements, the daily repetition work accomplished brilliantly, and it enables you to tackle the next level challenges.”
CISOs at war
“I often think of every day working in cyberspace a lot like counterinsurgency warfare and my time in Afghanistan,” says Larsen. “You had to be on top of your game every minute of every day. The adversary only needs to get lucky one time to find you with that IED. Operating in cyberspace is very similar. Second by second, minute by minute, the fight doesn’t ever go away.
“Any cybersecurity leader who makes a promise they can prevent an attack from ever happening is making a promise they can’t fulfil. The best we can hope to offer as CISOs, and IT cybersecurity professionals, is to apply due diligence. We can help make good risk informed decisions. Where will applying our resources and technologies pay the most dividends in return? Where will it protect us for when the breach does occur?”