Cybersecurity

Why feds need to talk to industry about cyber

Shutterstock image (by deepadesigns): protection concept, shield icon.

Securing the future isn't one sector's game.

According to Deputy Treasury Secretary Sarah Bloom Raskin, the keys to responding to and recovering from cyberattacks "are preparation, coordination and practice." Speaking at the inaugural Incident Response Forum on March 31, Raskin called for increased cooperation between the public and private sectors during.

She hailed the Obama administration's plan for a national cyber incident coordination policy, slated to be released this spring. "Once adopted, such a coordination policy will enable government agencies and the private sector to better understand what to anticipate from each other and one another," she said.

Raskin wasn't able to offer details on the developing plan, but she said the Treasury Department has already been working on coordination with the financial sector.

"To test our collective preparedness, Treasury, working in partnership with [the departments of Homeland Security and Justice] and financial regulators as well as the private sector, has completed five large-scale cybersecurity table-top exercises in little over a year," she said. "This is how we practice."

Across town on the same day, Emile Monette, the General Services Administration's senior adviser for resilience and cybersecurity, urged closer relationships between government agencies and their device suppliers at the American Bar Association's Internet of Things conference.

Monette said buyers don't know what risk-based decisions were made in the manufacturing process for Internet-connected devices, but they assume that risk when they start operating the technology. He said the question for government and industry alike is, "How can we equitably share this risk?"

Historically, feds have kept suppliers at arms' length, despite memos that have noted the necessity of communication. But Monette said feds will struggle to stay aware of the risks inherent in the systems they're procuring, let alone learn of new solutions, if they don't talk to their suppliers.

Raskin, in her address, imagined a ransomware attack that could lead to 21st-century bank panics.

"While initially only impacting the individual bank, the interconnectedness of the financial sector -- through payment systems or third-party vendors processing transactions, providing cloud-computing services or operating mobile solutions -- leads to actual or perceived contagion throughout the sector," she hypothesized. "First one by one, then at an accelerated pace, other institutions' files, data and systems are likewise affected, causing a crisis in confidence that one might imagine could threaten the financial stability of the United States and beyond."

Such an attack hasn't happened yet, she said. But if it does, tight coordination between government and industry will be crucial to keeping the American economy from falling apart.

About the Author

Zach Noble is a staff writer covering digital citizen services, workforce issues and a range of civilian federal agencies.

Before joining FCW in 2015, Noble served as assistant editor at the viral news site TheBlaze, where he wrote a mix of business, political and breaking news stories and managed weekend news coverage. He has also written for online and print publications including The Washington Free Beacon, The Santa Barbara News-Press, The Federalist and Washington Technology.

Noble is a graduate of Saint Vincent College, where he studied English, economics and mathematics.

Click here for previous articles by Noble, or connect with him on Twitter: @thezachnoble.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.