Higher stage of maturity is necessary to secure systems
The guidelines, issued Monday by public and private sector cybersecurity experts, are considered the low-hanging fruit to help agencies improve their network security immediately, says John Gilligan, a former Air Force and Energy Department chief information officer.
CIO Council offers advice on improving agency input on IT security
Richard Schaeffer Information Assurance Director Sept. 3, 2009
There is a new alliance in the battle for cybersecurity. Though neither side has confirmed it, The Washington Post recently reported that Google has asked the NSA to help investigate the mid-December cyber attack against its networks ”to better defend Google – and its users – from future attack.” This partnership demonstrates the increasing interdependencies between the public and private sector in defending against cyber threats.
Hackers, terrorist organizations, cyber criminals, and nation states routinely target government and corporate entities for financial gain, military intelligence, warfare, and sometimes just for notoriety and fame. Government agencies and corporations have traditionally addressed this threat independently, but the evolution of cyberspace has changed the rules. A unified front between the private and public sector has become more critical to combat these cyber threats.
The public and private sectors are becoming increasingly interdependent – the operation of our nation’s critical infrastructure, including the national power grid, transportation systems, and communication networks, depends upon the ability of public and private sector networks to share information via cyberspace. Likewise, our nation’s economic superiority is predicated on our ability to maintain competitive advantages in capital markets. Our enemies are not only looking for ways to exploit vulnerabilities in our critical infrastructure, but they are also increasingly looking for ways to steal our private sector’s intellectual property in order to weaken our economic standing and gain an advantage in the global economy.
Google’s disclosure of ”sophisticated” cyber attacks on its infrastructure reportedly originating in China offers a good example. The Washington Post recently reported that Google and the National Security Agency (NSA) are forming an alliance ”to better defend Google – and its users – from future attack.” Putting the agreement in place will enable the NSA and Google to share critical information to analyze the attack without violating privacy laws or policies. This alliance will help Google better defend its intellectual property critical to our nation’s economy while providing NSA key insight into the attack methods and motives of the attackers.
The need for such partnerships is certain to grow and will most likely extend to organizations that are not as large and resourced as Google but are just as critical to the strength of our nation’s economy. Our adversaries are using similar attack methods to compromise systems across both sectors but they have not effectively partnered to share threat intelligence or early warning indicators. A formal partnership between the private and public sector allows the country to develop a unified and coordinated approach to defending our nation’s assets.
Lt. Gen. Keith Alexander tells lawmakers that the organization ”will not militarize cyberspace.” He also details how the Cyber Command will help DHS protect .gov and .com networks. Senate Armed Services Members say Alexander is well-qualified to lead the command.
NSA opens up to Maryland contractors, Cyber Command nominee says policies aren’t clear
OMB shifts to real time cybersecurity monitoring, cyberdefenses put to the test during annual NSA exercise, FCC considers testing cybersecurity compliancy
It’s competition time for the armed forces universities.
The National Security Agency and the Central Security Service are testing the five U.S. service academies during the 10th annual Cyber Defense Exercise.
Teams will be tested on their ability to defend computer networks the students designed themselves. The winner will take home the coveted CDX trophy. The competition will take place at Lockheed Martin in Greenbelt, Maryland.