Me and my job: Marty Edwards, ICS-CERT

Share this article:
Me and my job: Marty Edwards, ICS-CERT
Me and my job: Marty Edwards, ICS-CERT

How do you describe your job to average people?

My job is to coordinate efforts between the government and the private sector, assisting asset owners and operators in the protection of the industrial control systems (ICS) within our nation's critical infrastructure.

Why did you get into cyber security?  

Over the years friends hounded me to “get into security.” It sounds like a cliché, but after 9/11, I started to think, “Wow, if this can happen, then maybe I should look at security more seriously.” That, and a lifelong hacker-type mindset.

What was one of your biggest challenges? 

Aged critical infrastructure, the majority of which is owned by the private sector, that wasn't designed for the wireless high-tech world is one of my biggest challenges. We address ICS security in an environment where analog systems are directly tied to cutting-edge technology, so it's a moving target. It is a challenge to understand the threat and be able to mitigate any risk associated with it.

What keeps you awake?

It's the emerging and evolving cyber security threats that could be waged against critical infrastructure. I am concerned about the potential impacts of a cyber attack and the potential cost to our country. Cyber domains remain vulnerable to a variety of incidents, and my team is always coming up with ways to mitigate the risks associated with these vulnerabilities.

Of what are you most proud? 

I am proud of my dedicated and talented team that is called upon to protect the nation's critical infrastructure. Our team has developed dynamic public/private partnerships, as well as valuable relationships with asset owners and other government agencies.


Marty Edwards is director of the ICS-CERT, an element of the National Cybersecurity and Communications Integration Center within the DHS's Office of Cybersecurity and Communications (CS&C).

For what would you use a magic cybersecurity wand?   

I think a magic wand could help private owners and operators realize the significant cyber risk they face, and the true nature of the cyber threats out there, as well as better educate policy makers and lawmakers about the real costs the private sector is being asked to shoulder in implementing cybersecurity protections

Share this article:

Sign up to our newsletters

More in Opinions

Hackers only need to get it right once, we need to get it right every time

Hackers only need to get it right once, ...

Hackers only need to find one weak point to steal valuable information. On the flip side, security pros need to account for every possible scenario.

Successful strategies for continuous response

Successful strategies for continuous response

While it isn't realistic for organizations to expect that it will never happen to them, a rapid, professional and continuous response can limit their scope and reputational impact.

When it comes to cyber attacks, predictions are pointless but preparation is key

When it comes to cyber attacks, predictions are ...

Rather than predicting the next lightning strike it is far better to pay attention to the areas we already know are vulnerable.