The economics of a national cyber immune system

futuristic cyberwar

White House cyber czar Michael Daniel does not buy into the Hollywood doomsday hype of the so-called cyber Pearl Harbor. But he does wish it wasn't the bad guys pulling in blockbuster revenues in today's real-world cybersecurity battles, while governments rack up billions in bills.

As the National Institute of Standards and Technology prepares to release a formalized version of its cyber framework around Feb. 13, many in the federal cybersecurity community are looking to what's next. Much of what is ahead builds on yesterday and today, including information-sharing efforts that officials say are better than they used to be but still need to be improved in order to reverse the economics of cybersecurity and build healthier networks.

"How do we flip the economics in favor of the defender? Right now the underlying economics -- not only the structure of cyberspace, but the economics of cyberspace -- favor the attacker," Daniel said Jan. 29 at the Cyber Innovation Forum in Baltimore. "Simple, cheap attacks are used multiple, multiple amounts of times to generate huge amounts of revenue for the bad guys, whereas it takes us lots and lots of money to propagate defenses across the network. That's not a sustainable, tenable place to be."

Change hinges on what Daniel termed a cyber immune system for federal networks. Comparing cybersecurity to public health is not new -- tackling viruses being a prime example -- but according to Daniel, building an immune system requires going beyond technology and achieving engagement across the government, industry and general public.

"How do we encourage the broadest possible implementation -- in other words, how do we get everybody to get their flu shot?" Daniel said. "Most of the problems that we face are usually not solely about the technology; they're about the people and about how people use the technology. So the solution ... is going to have to involve getting the people part right, not just the technology."

There are good examples of that in place, according to Bobbie Stempfley, deputy assistant secretary at the Homeland Security Department's Office of Cybersecurity and Communications. However, taking partnerships to the next level -- boosting them into a national cyber immune system -- means making efforts like DHS's Cyber Information Sharing and Collaboration Program more than just anecdotal examples, Stempfley said.

"When I think about what we've been successful in today and the breadth of what we're facing, what strikes me is that the future is about scale," she said, highlighting the CISCP program. "We're able to bring together pieces of information from across a number of sources and turn that into actionable threat indicators for use by the community. We average 26 indicators a day, which isn't a trivial amount. But how do we take these partnerships, ensure they're two-way, ensure they have the [necessary] trust, ensure the open dialog and engagement ... at the scale of problems like the Internet of things? We have to make sure we take structures and mechanisms in place and make sure they're successful."

Donna Dodson, division chief of NIST's computer security division and acting director of the National Center of Cybersecurity Excellence, pointed to programs like NIST's National Strategy for Trusted Identities in Cyberspace, which establishes a shared ecosystem for cybersecurity. They key is partnership that promotes collaboration as a means to move forward -- as an immune system and as an economy.

"It's a chicken-and- egg problem," Dodson said, noting that most people would agree that the use of something more secure than passwords is necessary today, but neither society nor government really have managed to move ahead. "The question is how do we get there? Because it's a security challenge, an interoperability challenge and an economic challenge all rolled into one. So we all need to partner together to change that culture and that kind of environment."

About the Author

Amber Corrin is a former staff writer for FCW and Defense Systems.

The 2015 Federal 100

Meet 100 women and men who are doing great things in federal IT.


  • Shutterstock image (by venimo): e-learning concept image, digital content and online webinar icons.

    Can MOOCs make the grade for federal training?

    Massive open online courses can offer specialized IT instruction on a flexible schedule and on the cheap. That may not always mesh with government's preference for structure and certification, however.

  • Shutterstock image (by edel): graduation cap and diploma.

    Cybersecurity: 6 schools with the right stuff

    The federal government craves more cybersecurity professionals. These six schools are helping meet that demand.

  • Rick Holgate

    Holgate to depart ATF

    Former ACT president will take a job with Gartner, follow his spouse to Vienna, Austria.

  • Are VA techies slacking off on Yammer?

    A new IG report cites security and productivity concerns associated with employees' use of the popular online collaboration tool.

  • Shutterstock image: digital fingerprint, cyber crime.

    Exclusive: The OPM breach details you haven't seen

    An official timeline of the Office of Personnel Management breach obtained by FCW pinpoints the hackers’ calibrated extraction of data, and the government's step-by-step response.

  • Stephen Warren

    Deputy CIO Warren exits VA

    The onetime acting CIO at Veterans Affairs will be taking over CIO duties at the Office of the Comptroller of the Currency.

  • Shutterstock image: monitoring factors of healthcare.

    DOD awards massive health records contract

    Leidos, Accenture and Cerner pull off an unexpected win of the multi-billion-dollar Defense Healthcare Management System Modernization contract, beating out the presumptive health-records leader.

  • Sweating the OPM data breach -- Illustration by Dragutin Cvijanovic

    Sweating the stolen data

    Millions of background-check records were compromised, OPM now says. Here's the jaw-dropping range of personal data that was exposed.

  • FCW magazine

    Let's talk about Alliant 2

    The General Services Administration is going to great lengths to gather feedback on its IT services GWAC. Will it make for a better acquisition vehicle?

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above