Government and Industry Cooperation: More Important Than Ever for Cybersecurity Awareness

by Chuck Brooks, President, Brooks Consulting International

With another National Cybersecurity Awareness Month upon us, few major things have changed from the past year in terms of threats. As the capabilities and connectivity of cyber devices have grown, so have the cyber intrusions from malware and hackers. The cyber- threat actor ecosystem has grown in both size and sophistication. They are also openly collaborating in sharing targets. And tools. The cyber threat actors include various criminal enterprises, loosely affiliated hackers, and adversarial nation states.

Information sharing on threats and risk is one of the most principal functions of government and industry collaboration.

Achieving a full awareness of nefarious actors who operate in the cyber realm and protecting against their capabilities is an arduous task. Clearly, industry cannot respond to growing cyber-threats alone, especially for small and medium businesses who lack the resources and expertise. Increased government and industry cooperation to meet those challenges is a viable course to help mitigate threats and challenges. It is a proven risk management model that makes good sense. In several areas.

Information sharing on threats and risk is one of the most principal functions of government and industry collaboration. Sharing such information helps allow both government and industry to keep abreast of the latest viruses, malware, phishing threats, ransomware, and insider threats. Information sharing also establishes working protocols for lessons-learned and resilience that is critical for the success of commerce and the enforcement against cyber-crimes.

Both Solar Winds and the Colonial pipeline breaches highlighted the government’s assistance in mitigating breaches and moving toward resilience. Government was directly collaborating with the companies to discover the extent of the breaches and options for amelioration.

Remediation of breaches is important to continuity; no matter what, breaches will happen. The incorporation of best practices and the lessons learned from the various and many corporate breaches over the past few years is certainly valuable data for both industry and government in terms of prevention, recovery, and continuity.

The government and industry partnership is being well coordinated via the Cybersecurity and Infrastructure Protection Agency (CISA) of the Department of Homeland Security (DHS). Over the past few years, CISA has taken on a formal and increasingly larger role as the lead civilian agency in government working with industry, and state & local and tribal stakeholders on cybersecurity threats. The proposed 2023 DHS budget has appropriated more than $2.5 billion toward cybersecurity demonstrating the importance of the agency’s role in protecting the homeland in cyberspace, including in the aforementioned areas of information sharing and resilience.

Most significant is that CISA under the leadership of Jen Esterly created the Joint Cyber Defense Collaborative (JCDC) last year to fundamentally transform how cyber risk is reduced through continuous operational collaboration between government and trusted industry partners. “The Cybersecurity and Infrastructure Security Agency established JCDC—the Joint Cyber Defense Collaborative—to unify cyber defenders from organizations worldwide. This diverse team proactively gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.” The JCDC also is supported by other government agencies including the FBI, NSA, and U.S. Cyber Command to help drive down risk in partnership with industry.

In recent years, DHS along with The National Institute of Standards (NIST), has made a growing effort to bring the private sector together with the government, especially to develop information sharing protocols in risk management. In a core sense, a successful cyber threat consequences strategy is really about risk mitigation and incident response. A risk management strategy requires stepping up assessing situational awareness, information sharing, and especially resilience planning. It is critical to be aware of the morphing threat landscape and plan contingencies for all potential scenarios. NIST has been extremely helpful to industry in those areas.

The White House has also heighted government and industry cooperation in various areas including supply chain security, protecting critical infrastructure (most of which is owned by the private sector). In specific regard to critical infrastructure, the underlying goal of collaboration is to help protect against targeted cyber intrusions of the nation’s critical infrastructure, such as financial systems, chemical plants, water and electric utilities, hospitals, communication networks, commercial and critical manufacturing, pipelines, shipping, dams, bridges, highways, and buildings.

White House and industry cooperation has been primarily aimed at identifying vulnerabilities, ensuring security, and integrating resilience in the public/private cyber ecosystem. The most recent activity by the White House was an executive order formulating a Zero trust strategy for government agencies. That “trust nothing connected” perspective is also being assimilated in industry.

Congress has supported CISA’s expanded role and involvement with industry. Several bi-partisan bills have bolstered the agency’s integral role in cyber preparedness, response and resilience for both government and industry.

Research and development of potentially disruptive cybersecurity technologies is another benefit of government and industry cooperation. The change in the cyber risk environment coinciding with a heightened need for procurement of innovative technologies and services has created a new paradigm for a cybersecurity partnership between government and industry.

Together, government and the private sector can identify products and align flexible product paths, evaluate technology gaps, and help design scalable architectures that will lead to more efficiencies, and fiscal accountability. Bridging R&D spending between the government and private sectors should also allow for a more directed and capable cybersecurity prototype pipeline to meet modern technology requirements.

An enhanced and streamlined government and industry partnership should continue to be a priority for cybersecurity strategies in 2023, as threats can morph, especially with the emergence of technologies such as artificial intelligence, machine learning, 5G, and eventually quantum computing. The partnership needs to be both proactive and adaptive to change as the threat matrix may become increasingly lethal to economic and strategic stability if we remain unaware and unprepared for the potential consequences.