Why feds need to talk to industry about cyber

Shutterstock image (by deepadesigns): protection concept, shield icon.

Securing the future isn't one sector's game.

According to Deputy Treasury Secretary Sarah Bloom Raskin, the keys to responding to and recovering from cyberattacks "are preparation, coordination and practice." Speaking at the inaugural Incident Response Forum on March 31, Raskin called for increased cooperation between the public and private sectors during.

She hailed the Obama administration's plan for a national cyber incident coordination policy, slated to be released this spring. "Once adopted, such a coordination policy will enable government agencies and the private sector to better understand what to anticipate from each other and one another," she said.

Raskin wasn't able to offer details on the developing plan, but she said the Treasury Department has already been working on coordination with the financial sector.

"To test our collective preparedness, Treasury, working in partnership with [the departments of Homeland Security and Justice] and financial regulators as well as the private sector, has completed five large-scale cybersecurity table-top exercises in little over a year," she said. "This is how we practice."

Across town on the same day, Emile Monette, the General Services Administration's senior adviser for resilience and cybersecurity, urged closer relationships between government agencies and their device suppliers at the American Bar Association's Internet of Things conference.

Monette said buyers don't know what risk-based decisions were made in the manufacturing process for Internet-connected devices, but they assume that risk when they start operating the technology. He said the question for government and industry alike is, "How can we equitably share this risk?"

Historically, feds have kept suppliers at arms' length, despite memos that have noted the necessity of communication. But Monette said feds will struggle to stay aware of the risks inherent in the systems they're procuring, let alone learn of new solutions, if they don't talk to their suppliers.

Raskin, in her address, imagined a ransomware attack that could lead to 21st-century bank panics.

"While initially only impacting the individual bank, the interconnectedness of the financial sector -- through payment systems or third-party vendors processing transactions, providing cloud-computing services or operating mobile solutions -- leads to actual or perceived contagion throughout the sector," she hypothesized. "First one by one, then at an accelerated pace, other institutions' files, data and systems are likewise affected, causing a crisis in confidence that one might imagine could threaten the financial stability of the United States and beyond."

Such an attack hasn't happened yet, she said. But if it does, tight coordination between government and industry will be crucial to keeping the American economy from falling apart.

About the Author

Zach Noble is a former FCW staff writer.


  • Comment
    customer experience (garagestock/

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected