Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Industry, government find common ground in cyber realm
Friday - 10/26/2012, 7:00am EDT
"It's the idea of crowdsourcing before the term crowdsourcing came up," said Jason Miller, executive editor of Federal News Radio. "All of us together are smarter than each of us alone."
The Federal Drive with Tom Temin and Emily Kopp hosted a panel discussion with Miller and Scott Algeier, executive director of the Information Technology-Information Sharing and Analysis Center (IT-ISAC) and vice chair of the National Council of ISACs (NCI), as part of the multimedia special report Cybersecurity Rising.
Algeier said the key to a successful public-private partnership in cyber info sharing is to treat each party as an equal. Both parties, however, must also recognize that each has different goals when it comes to protecting networks, he said.
"Industry views it from the business perspective. I have business assets I need to protect. They manage that risk like they manage a lot of other risks. There's only so many dollars industry can spend without impacting shareholder value," Algeier said. "The government views this from a national security perspective, so their tolerance for risk, I think, is a lot less."
Industry and government must first identify common issues to work on and develop a plan jointly, Algeier said.
"I don't think it's enough for industry to be shared documentation that says, this is our plan and you have a week to tell us what you think," he said.
Establishing info sharing center
As agencies move more to e-gov and e-commerce, the government has become increasingly dependent on the private sector, Miller said.
The federal government realized, "The partnership has got to be stronger," he said.
The National Cybersecurity and Communications Integration Center (NCCIC), launched in 2009, is the "nexus of information sharing between the government and the private sector," said Mark Weatherford, the deputy undersecretary for cybersecurity at the Homeland Security Department, in an interview with Miller.
IT-ISAC is part of the NCCIC forum. Once industry shares information with NCCIC, that information is distributed to other agencies.
"To bring it full circle, a lot of my members, a lot of IT companies, are actually contractors to those agencies. They then ...develop the tools and technologies," Algeier said.
Industry and agencies each have skills they can share with each other. Industry, for example, has done a good job securing new networks, Algeier said.
"They repel thousands of attacks a day on their networks. I'm not going to sit here and say all industry networks are as secure as they can be, but I think the overall track record of industry securing new networks is pretty strong," he said.
On the other hand, some agencies have cyber skillsets that are as good or better than across industry, Miller said. Some examples could be found at the National Security Agency or the U.S. Cyber Command, he said.
"I think the government sometimes gets a bad rap, but they're the ones developing [or funding] a lot of the cutting-edge technology that industry kind of commercializes and broadens and makes it better," Miller said.
Today's panel is part of Federal News Radio's multimedia project Cybersecurity Rising, which focuses on the progress federal agencies have made in the last six years on securing their systems and protecting their networks.
MORE FROM THE SPECIAL REPORT, CYBERSECURITY RISING:
Column: Cyber dominance meaningless without skilled workforce (Rep. Jim Langevin, D-R.I.)
Column: Cyber inaction may be our Achilles' heel (Rep. Mac Thornberry, R-Texas)