Feds hope to boost business role in slowing cyberattacks

Private sector seeks more intelligence on potential strikes, needs asset tallies

WASHINGTON -- As reports of cybersecurity incidents grow, U.S. Department of Homeland Security officials plan to improve their ability to work on the problem face to face with private-sector experts.

The DHS plans to collocate private-sector employees from the communications and IT industries with government workers at the U.S. Computer Emergency Readiness Team (US-CERT) facility here, said Gregory Garcia, assistant secretary of cybersecurity and telecommunications at the DHS. The teams will work jointly on improving US-CERT's information hub for cybersecurity, Garcia said. The agency didn't specify a starting date for the program but said it will begin soon.

US-CERT is a four-year-old DHS-run joint effort of the public and private sectors to protect the nation's Internet infrastructure. "It's through this collocation that we are going to build a strong trust relationship, an information-sharing relationship," said Garcia.

Such collaboration programs will improve the monitoring of suspicious Internet activity "so we will be able to better analyze [in] real time what is happening and take steps to mitigate it and have a synchronized and instantaneous response capability," he said.

Garcia outlined the efforts to improve cooperation between the public and private sectors at the Armed Forces Communications and Electronics Association's Homeland Security Conference held here this week.

Garcia and other speakers at the conference said that the need to improve such cooperation, as well as the need to improve IT security overall, is becoming more urgent daily. "What we are seeing among our adversaries is increasing sophistication in terms of their capabilities, in terms of the threats that they impose upon our networks," Garcia said.

In all of 2006, 23,000 incidents -- 75% of them in the private sector -- were reported to US-CERT. According to the DHS, an incident can be an attempt to gain unauthorized access into a system, a denial of service or any other kind of Internet disruption.

In the first quarter of the federal fiscal year, which began Oct. 1, 19,000 incidents were reported, said Jerry Dixon, who heads the DHS's National Cyber Security Division.

The number of incidents is growing, Dixon said, but many firms and government entities still aren't prepared to deal with threats because they don't know what they have in their compute environments.

"How can you manage risk if you don't have a good handle on what your environment looks like?" asked Dixon, who noted that he has made on-site visits to large private companies as well as to state and federal agencies.

Karl Brondell, a strategic consultant at State Farm Insurance, added that industry and government "really aren't prepared today to address that significant attack that will come to us, potentially, through cyber." He cited a Business Roundtable report that identified gaps in private-sector cybersecurity. The Washington-based Business Roundtable is an association of CEOs from large companies.

Although Brondell said that efforts to improve cybersecurity have been somewhat successful, he noted that the U.S. "lacks an adequate and truly comprehensive system of early warning of impending attacks."

Brondell said that private-sector businesses could improve security with better access to "chatter" about potential attacks heard by government security agencies.

Garcia said that as US-CERT gains visibility and effectiveness, officials hope to expand its membership to more business sectors.

"We will then have a truly national capability across critical infrastructures, sharing information, and [responding] to incidents as they are [happening] -- that is one of the key priorities," said Garcia.

Copyright © 2007 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon