Cybersecurity

Why feds need to talk to industry about cyber

Shutterstock image (by deepadesigns): protection concept, shield icon.

Securing the future isn't one sector's game.

According to Deputy Treasury Secretary Sarah Bloom Raskin, the keys to responding to and recovering from cyberattacks "are preparation, coordination and practice." Speaking at the inaugural Incident Response Forum on March 31, Raskin called for increased cooperation between the public and private sectors during.

She hailed the Obama administration's plan for a national cyber incident coordination policy, slated to be released this spring. "Once adopted, such a coordination policy will enable government agencies and the private sector to better understand what to anticipate from each other and one another," she said.

Raskin wasn't able to offer details on the developing plan, but she said the Treasury Department has already been working on coordination with the financial sector.

"To test our collective preparedness, Treasury, working in partnership with [the departments of Homeland Security and Justice] and financial regulators as well as the private sector, has completed five large-scale cybersecurity table-top exercises in little over a year," she said. "This is how we practice."

Across town on the same day, Emile Monette, the General Services Administration's senior adviser for resilience and cybersecurity, urged closer relationships between government agencies and their device suppliers at the American Bar Association's Internet of Things conference.

Monette said buyers don't know what risk-based decisions were made in the manufacturing process for Internet-connected devices, but they assume that risk when they start operating the technology. He said the question for government and industry alike is, "How can we equitably share this risk?"

Historically, feds have kept suppliers at arms' length, despite memos that have noted the necessity of communication. But Monette said feds will struggle to stay aware of the risks inherent in the systems they're procuring, let alone learn of new solutions, if they don't talk to their suppliers.

Raskin, in her address, imagined a ransomware attack that could lead to 21st-century bank panics.

"While initially only impacting the individual bank, the interconnectedness of the financial sector -- through payment systems or third-party vendors processing transactions, providing cloud-computing services or operating mobile solutions -- leads to actual or perceived contagion throughout the sector," she hypothesized. "First one by one, then at an accelerated pace, other institutions' files, data and systems are likewise affected, causing a crisis in confidence that one might imagine could threaten the financial stability of the United States and beyond."

Such an attack hasn't happened yet, she said. But if it does, tight coordination between government and industry will be crucial to keeping the American economy from falling apart.

About the Author

Zach Noble is a former FCW staff writer.

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.