Feds Hope to Boost Businesses’ Role in Slowing Cyberattacks

Private sector seeks earlier warnings, more intelligence on potential strikes

WASHINGTON -- As reports of cybersecurity incidents grow, U.S. Department of Homeland Security officials hope a new initiative will improve their ability to work on the problem face to face with private-sector experts.

The DHS plans to collocate private-sector employees from the communications and IT industries with government workers at the U.S. Computer Emergency Readiness Team (US-CERT) facility here, said Gregory Garcia, assistant secretary of cybersecurity and telecommunications at the DHS. The teams will work jointly on improving US-CERT’s information hub for cybersecurity, Garcia said. The agency didn’t specify a starting date for the program but said it will begin soon.

US-CERT is a four-year-old DHS-run effort involving the public and private sectors to protect the nation’s Internet infrastructure.

“It’s through this collocation that we are going to build a strong trust relationship, an information-sharing relationship,” said Garcia.

Such collaborative programs will improve the monitoring of suspicious Internet activity “so we will be able to better analyze [in] real time what is happening and take steps to mitigate it and have a synchronized and instantaneous response capability,” he said.

Garcia outlined the efforts to improve cooperation between the public and private sectors at the Armed Forces Communications and Electronics Association’s Homeland Security Conference held here last week.

Garcia and other speakers at the conference said that the need to improve such cooperation, as well as the imperative to improve IT security overall, is becoming more urgent daily. “What we are seeing among our adversaries is increasing sophistication in terms of their capabilities, in terms of the threats that they impose upon our networks,” Garcia said.

In all of 2006, 23,000 incidents — 75% of them in the private sector — were reported to US-CERT. According to the DHS, an incident is defined as an attempt to gain unauthorized access into a system, a denial of service or any other kind of Internet disruption.

Nineteen thousand incidents were reported in the first quarter of the federal fiscal year, which began Oct. 1, said Jerry Dixon, who heads the DHS’s National Cyber Security Division.

The number of incidents is growing, Dixon said, but many firms and government entities still aren’t prepared to deal with threats because they don’t know what they have in their computing environments.

“How can you manage risk if you don’t have a good handle on what your environment looks like?” asked Dixon, who noted that he has made on-site visits to large private companies as well as to state and federal agencies.

Security Gaps

Karl Brondell, a strategic consultant at State Farm Insurance, noted that industry and government “really aren’t prepared today to address that significant attack that will come to us, potentially, through cyber.”

He cited a Business Roundtable report that identified gaps in private-sector cyber­security. The Washington-based Business Roundtable is an association of CEOs from large companies.

Although Brondell said that efforts to improve cybersecurity have been somewhat successful, he noted that the U.S. “lacks an adequate and truly comprehensive system of early warning of impending attacks.”

Brondell said that private-sector businesses could improve security with better access to “chatter” heard by government security agencies about potential attacks.

As US-CERT gains visibility and effectiveness, officials hope to expand its membership to more business sectors, Garcia said.

“We will then have a truly national capability across critical infrastructures, sharing information and responding to incidents as they are happening,” he said. “That is one of the key priorities.”

Copyright © 2007 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon