In an article on March 30, 2012 at Security Week, National Security Agency Director Gen. Keith Alexander was described as ‘adamant’ that the public sector “community leave the monitoring of private sector networks to the private sector.”
He went on to suggest, however, that sharing of information between the public and private sector is difficult at best, and wondered “how hands-on the government should be in policing corporate networks” as well as asking the basic question: “what needs to be done to increase collaboration between intelligence community and the business world?”
We here at Bayshore Networks couldn’t agree more. In fact, in the article itself, Founder and CEO Francis Cianfrocca was quoted as saying this:
“Public and private sector data sharing is not happening enough because much of the public/government security data is classified,” Francis Cianfrocca, chief executive officer at Bayshore Networks, told SecurityWeek. “Also, most private enterprises are reluctant to acknowledge the vulnerabilities of their networks and would not report any cyber attacks on their intellectual property.”
As the article points out, the vast majority of the nation’s critical infrastructure is owned and operated by the private sector. It is quite clear that a strong collaborative environment must exist between these organizations the the Federal government. Granted, there are many obstacles to improving this relationship today, but they need to be overcome; the stakes are too high. Much can be learned from both sectors, and much will ultimately be gained that will lead to significant improvements in our security mechanisms and an improved ability to protect ourselves more effectively against the bad guys.
As Cianfrocca suggests further down in the piece:
“Government should ensure that private enterprises deploy the next-generation cyber defense technologies that can stop advanced persistent threats and other highly motivated attacks from enemy states,” Cianfrocca said. “A strong enforcement mechanism has to be implemented especially in sensitive sectors such as power generation and distribution, oil and gas and transportation.”
Better enforcement mechanisms, enhanced collaboration between the public and private sector, and improved information sharing between them will go a long way toward ensuring that the best technologies are out there protecting these most critical infrastructures and enterprises.