Risk
3/16/2011
04:40 PM
50%
50%

Why Cybersecurity Partnerships Matter

The public and private sectors must collaborate in new ways to ward off dangerous threats to critical systems and IT infrastructure.

For years, the federal government has launched one policy initiative after another to protect critical IT infrastructure in coordination with the private sector. There's been progress, but the threats--computer breaches from foreign parties, fast-spreading worms, and hidden malware--have outpaced the advances, leaving computer systems and networks across industries more vulnerable than ever.

What can businesses and Uncle Sam do, together, to reverse this dangerous trend? There must be three areas of immediate focus. First, the public and private sectors need to share more information--more parties must be included and new platforms used. Second, they must pay more attention to defending against attacks that threaten critical IT infrastructure and even damage physical facilities. Third, their collaboration must be ratcheted up to the next level--real-time identification and response as threats occur and, more to the point, "moving security practices from a reactionary posture to one that's proactive and preemptive," says Rich Baich, leader of Deloitte's Cyber Threat Intelligence Group.

In other words, the growing number of cybersecurity "partnerships" being established between the federal government and the business community are more than a one-way street. The feds may be driving the effort through initiatives such as Homeland Security's 2009 National Infrastructure Protection Plan, developed in response to a presidential directive, but companies stand to benefit from the more resilient cyber defenses that result from such collaboration.

The feds have defined 18 infrastructure areas considered essential to national interests. They include the agriculture, banking, chemical, and defense industries, as well as government facilities. The goal is to protect the computer systems and networks that serve those vital sectors from increasingly sophisticated threats, including those launched by hostile actors such as terrorist organizations and rogue nations.

Even the Department of Defense is looking to work with the private sector. When Deputy Secretary of Defense William Lynn recently outlined the DOD's plans for bolstering its cyber defenses, he called for increased cooperation with industry. "With the threats we face, working together is not only a national imperative, it's one of the great technical challenges of our time," he said in February at the RSA Conference in San Francisco.

Over the past two years, the DOD has developed "active defenses" that use sensors, software, and signatures to protect its military networks. Next, Lynn said, the agency will make its cyber capabilities available to the private sector "to help protect the networks that support government operations and critical infrastructure," such as the power grid, telecommunications networks, and defense contractor systems.

Several organizations have laid the groundwork for increased collaboration on cybersecurity. Since 2003, the U.S. Computer Emergency Readiness Team (US-CERT) has been providing updates on threats to industrial control systems and other computing infrastructure. The 42,000 members of InfraGard, a partnership between the FBI and the private sector that dates back to 1996, are devoted to creating "actionable intelligence" for infrastructure protection.

Much of the activity revolves around information sharing in key industries. For example, the National Council of Information Sharing and Analysis Centers supports threat response for companies in financial services, healthcare, public transportation, and a handful of other industries.

Information sharing is important, but it's not enough. Scott Charney, VP of trustworthy computing with Microsoft, calls information "a tool, not an objective."

Industry-specific initiatives are evolving into something more substantial. The Financial Services Sector Coordinating Council, whose members include Bank of America, Citigroup, Morgan Stanley, and Visa, coordinates the protection of IT and other infrastructure operated by banks, insurance companies, and other financial institutions. The council does that work in collaboration with the departments of Homeland Security and Treasury, and in December it took things a step further via a memorandum of understanding with the National Institute of Standards and Technology, Commerce Department, and Homeland Security that paves the way for financial firms and government agencies to work together on the development of cybersecurity technologies and test beds.

Milestones in critical infrastructure Protection

Previous
1 of 4
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.