NDTA's Cybersecurity Best Practices Committee: A CONVERSATION WITH CHAIRMAN TED RYBECK.

Author:Lo, Sharon

Originally established as the Security Best Practices Committee to examine both both physical and cyber issues in a post 9/11 world, NDTA changed the name to the Cybersecurity Best Practices Committee in 2014 to reflect an an even greater cyber focus. The Cybersecurity Committee provides a forum for understanding the emerging cyber challenges and requirements for effective transportation and supply chain partners. For greater insight into the committee, DTJ sat down with its Chairman Mr. Ted Rybeck.

DTJ: Thanks for meeting with us today. To start, I know US Transportation Command (USTRANSCOM) played a significant role within the committee and especially in the decision to refocus the committee on cybersecurity. Can you talk about how the various stakeholders came together on that decision?

Mr. Rybeck: ADM James Loy [who was at the time the Administrator of the Transportation Security Administration and then served as the Deputy Secretary of the Department of Homeland Security], Gen John Handy [who was the Commander of USTRANSCOM at the time] and his successor Gen Norton Schwartz helped us get the original Security Committee up and running after 9/11. It included a focus on physical security, as well as cyber security, in the context of preparedness response and recovery. That was when former NDTA President LTG Ken Wykle was guiding the creation of the committee. We also benefited from the coaching of LTG Wykle's predecessor LTG Ed Honor.

The decision to further focus the committee came in 2014 and 2015 when then USTRANSCOM Commander Gen Paul Selva, followed by current Commander Gen Darren McDew, along with VADM William Brown during his time as the Deputy Commander at USTRANSCOM and then as the Director for Logistics (J4) at the Joint Chiefs, all supported an increased concentration on cybersecurity. NDTA past President RADM Mark Buzby promoted the notion of taking the Security Committee--which included cyber and physical--and naming it the Cybersecurity Best Practices Committee.

DTJ: It's great that the committee has received such strong support from senior leadership. Who exactly is a typical committee member?

Mr. Rybeck: Committee membership always started with the notion that this is a CEO team mission-driven effort--with the CIO often acting as the point person--but that contrasts to calling this a technical mission issue. At its onset, the Security Best Practices Committee was led by the CEO of the various committee members. This ranged from CEOs of giant corporations to the CEOs of small family businesses that are in the transportation industry and part of NDTA. For the larger corporations, a company's CIO often serves as the CEO's point person.

DTJ: And how do your various members from government...

To continue reading