Cybersecurity

Why feds need to talk to industry about cyber

Shutterstock image (by deepadesigns): protection concept, shield icon.

Securing the future isn't one sector's game.

According to Deputy Treasury Secretary Sarah Bloom Raskin, the keys to responding to and recovering from cyberattacks "are preparation, coordination and practice." Speaking at the inaugural Incident Response Forum on March 31, Raskin called for increased cooperation between the public and private sectors during.

She hailed the Obama administration's plan for a national cyber incident coordination policy, slated to be released this spring. "Once adopted, such a coordination policy will enable government agencies and the private sector to better understand what to anticipate from each other and one another," she said.

Raskin wasn't able to offer details on the developing plan, but she said the Treasury Department has already been working on coordination with the financial sector.

"To test our collective preparedness, Treasury, working in partnership with [the departments of Homeland Security and Justice] and financial regulators as well as the private sector, has completed five large-scale cybersecurity table-top exercises in little over a year," she said. "This is how we practice."

Across town on the same day, Emile Monette, the General Services Administration's senior adviser for resilience and cybersecurity, urged closer relationships between government agencies and their device suppliers at the American Bar Association's Internet of Things conference.

Monette said buyers don't know what risk-based decisions were made in the manufacturing process for Internet-connected devices, but they assume that risk when they start operating the technology. He said the question for government and industry alike is, "How can we equitably share this risk?"

Historically, feds have kept suppliers at arms' length, despite memos that have noted the necessity of communication. But Monette said feds will struggle to stay aware of the risks inherent in the systems they're procuring, let alone learn of new solutions, if they don't talk to their suppliers.

Raskin, in her address, imagined a ransomware attack that could lead to 21st-century bank panics.

"While initially only impacting the individual bank, the interconnectedness of the financial sector -- through payment systems or third-party vendors processing transactions, providing cloud-computing services or operating mobile solutions -- leads to actual or perceived contagion throughout the sector," she hypothesized. "First one by one, then at an accelerated pace, other institutions' files, data and systems are likewise affected, causing a crisis in confidence that one might imagine could threaten the financial stability of the United States and beyond."

Such an attack hasn't happened yet, she said. But if it does, tight coordination between government and industry will be crucial to keeping the American economy from falling apart.

About the Author

Zach Noble is a former FCW staff writer.

Featured

  • Government Innovation Awards
    Government Innovation Awards - https://governmentinnovationawards.com

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/Shutterstock.com)

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected