Wayne Jones, NNSA's associate administrator for information management and chief information officer

Wayne Jones serves as the Associate Administrator for Information Management, Chief Information Officer, and Chief Information Security Officer for NNSA, accountable for managing and implementing all operational, technical, and administrative functions in support of NNSA cybersecurity and its Information Management Program. He took a few minutes to talk about cybersecurity.

Q. What is cybersecurity? Why does it matter?

A. The Department of Energy (DOE) defines cybersecurity as the protection of information systems against unauthorized access to or modification of information, whether in storage, processing, or transit, against loss of accountability for information and user actions, and against the denial of service to authorized users, including those measures necessary to protect against, detect, and counter such threats.

For me, in my day-to-day, cybersecurity is the protection of information assets on NNSA networks and systems. That means the proactive detection, analysis, and mitigation of cybersecurity threats and incidents. The importance for cybersecurity to NNSA is tied directly to our mission of securing and maintaining the U.S. nuclear stockpile. The weight of our cybersecurity operations and its effect on national security is not lost on me or our team.

Q. How is cybersecurity important to NNSA’s missions?

A. NNSA is responsible for managing the full lifecycle of the nuclear stockpile and ensuring nuclear security goals. To accomplish this, the enterprise requires an information technology program that enables those activities. My organization, NNSA’s Office of the Chief Information Officer, provides a set of IT capabilities that enable the mission to increase organizational efficiency, protect classified and unclassified information assets, enhance communication with internal and external partners, ensure continuous monitoring, and support effective incident response.

Q. What are your main priorities when it comes to cybersecurity for NNSA?

A. Information security, stockpile security, controlling sensitive information to deter nuclear proliferation, network and system availability, focusing capabilities on cyber deficiencies, and mitigating threats to the National Security Enterprise.

Q. Can you provide some examples of how NNSA uses cybersecurity for national security?

A. Aside from our responsibility to help NNSA protect the nuclear stockpile, we are actively involved with our partners across the Government to strengthen the Nation’s cyber posture. Some examples include:

  • Sharing cyber capabilities and fostering collaboration in ways that don’t jeopardize the security of our information
  • Informing and advising incident responders from other Government organizations on known threats
  • Fostering collaboration and coordination with our international partners

Q. What is the most critical issue you see upcoming for cybersecurity?

Emerging technology and our increasingly interconnected environments are things we keep at the forefront of our minds when we think about and plan for cybersecurity. We live in a world where the internet of things brings convenience to people – but oftentimes there is not a lot of focus on the threats to which these technologies expose us. We think a lot about how these things affect the global economy, nuclear nonproliferation, and insider threats.

Q. What research in the field of cybersecurity has you excited for the future?

Two things: quantum computing and big data analytics. Quantum and exascale computing will fundamentally impact computing capabilities across science and information security. It will allow us to exchange information and respond to cyber threats at an incredible rate. The advances happening in big data analytics provide us with new ways to assemble, break down, and understand data.

Never before have we been able to move with the combined speed and accuracy that these fields are bringing to the table. It’s an exciting time to work in the cyber field!

Q. How concerned should the average person be about cybersecurity? What can they do?

Everyone should take an active interest in cybersecurity. Our increasingly connected world brings both unprecedented convenience and risk to our lives. Knowing how to protect yourself and your family from cybercrime is incredibly important. Education is the best way to arm yourself against threats that you may or may not know exist.

For our employees, DOE offers regular training on how to protect our networks and assets. A lot of the information learned at work can be applied at home as well. Developing a cyber preparedness plan for your family is a good place to start. Some simple things you can do:

  • Use strong passwords.
  • Update operating systems on home computers.
  • Back up your files.
  • Only perform online transactions on websites that begin with https://

Helping children understand how to enjoy technology, games, and social media safely is paramount as well. Regularly monitoring your personal credit is another good way to assess your cyber safety. If your finances or identity have become compromised, you’ll know by checking your credit and you can begin taking steps to regain control of the situation and take corrective action.

The bottom line is that cybersecurity is something everyone should seriously and education is key. That’s why the National Cyber Security Awareness Month campaign is so great. It breaks down cybersecurity into terms everyone can understand and provides practical advice on ways to protect yourself.

Be sure to check out: