CONFERENCE Cyber AI & Automation Summit - Watch Sessions
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

McAfee Executive Addresses Committee on Homeland Security on Threat Sharing

McAfee Public Sector Executive Tells Committee on Homeland Security Subcommittee that Industry and Government Need to Evolve Collaboration Models for Global Cyber Threat Intelligence

McAfee Public Sector Executive Tells Committee on Homeland Security Subcommittee that Industry and Government Need to Evolve Collaboration Models for Global Cyber Threat Intelligence

In Washington this week, McAfee’s Chief Technology Officer and Vice President, Global Public Sector, Dr. Phyllis Schneck, addressed the Committee on Homeland Security, emphasizing the need for private sector companies to have stronger protections in sharing global threat intelligence to better protect public and private sector customers and critical infrastructure from rapidly escalating cyber threats.

Dr. Schneck, who testified before the Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies, said that by enabling private companies to share more, government and industry can more effectively benefit from established public-private partnerships.

Schneck outlined some policy recommendations to improve public/private sector information sharing that is essential to provide the government with the capabilities it needs to respond to the cyber threat.

See Also: The Increasing Importance of Security for the Smart Grid

She also discussed the impact of two major cyber attacks that succeeded in extracting billions of dollars of intellectual property from American companies in the information technology and energy sectors. The first, Operation Aurora, which employed a series of highly sophisticated cyber attacks that targeted many companies including Google, Adobe Systems, Juniper Networks, Rackspace, Yahoo, Symantec, Northrop Gruman and Dow Chemical. Dr. Schneck also discussed Night Dragon, a series of cyber attacks on global oil, energy, and petrochemical companies orchestrated with the apparent intent of stealing sensitive information such as operation details, exploration research, and financial data. Until recently, attacks like these would have been considered as exceptional or rare, but times have changed.

During her testimony, Dr. Schneck made recommendations to the Committee to enhance protection of the Nation’s critical infrastructure:

• The cyber security challenge faced by our country is a serious matter that requires an evolution in the way in which both the public and private sectors collaborate. Leading information technology companies and their customers are uniquely positioned to act as early warning systems that can identify and help address cyber security attacks as a real-time cyber immune system. But only the government can implement the complex set of organizational and policy responses necessary to enable data analysis and distribution across the private sector to counter the growing cyber security threat.

Advertisement. Scroll to continue reading.

• Private companies need protected ways to share their big picture research findings with the government without loss of trust or creation of material events for stockholders, so that the most significant cyber security information is expeditiously actionable. This is the human component of what Global Threat Intelligence does at machine speed. We need both in order to defeat cyber adversaries, whose aim is to harm our way of life.

Schneck also noted that a broad-based situational awareness is vital to securing global cyber systems and ensuring our national security. Derek Gabbard, CEO of Lookingglass Cyber Solutions, a Baltimore based provider of cyber situational awareness technologies agrees. “A cyber situational awareness platform is at the core of threat sharing,” Gabbard wrote in a recent SecurityWeek column titled, Threat Sharing – a Necessary Defense. “To ensure we are not left with the ineffective report and alert systems that exist today, a platform providing context to each notification should be employed,” Gabbard added. “One that accepts and fuses data from global, sector, and private data sources; provides adequate visualization and analysis capabilities; and delivers actionable information in a timely fashion through existing and well adopted wired and wireless devices. While automation is critical, the human element must also be introduced to develop and deliver course of action information and to evaluate the severity of the attack.”

Gabbard puts it well, saying, “Just as firefighters, police officers, and federal authorities have had to learn to communicate and work better together, so too do cyber first responders in order to provide a safe environment to conduct business over the Internet.”

Related Report: The Increasing Importance of Security for the Smart Grid

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is founder and director of several leading cybersecurity industry conferences around the world.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Don’t miss this Live Attack demonstration to learn how hackers operate and gain the knowledge to strengthen your defenses.

Register

Join us as we share best practices for uncovering risks and determining next steps when vetting external resources, implementing solutions, and procuring post-installation support.

Register

People on the Move

Shanta Kohli has been named CMO at Sysdig.

Cloud security firm Sysdig has appointed Sergej Epp as CISO.

F5 has appointed John Maddison as Chief Product Marketing and Technology Alliances Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.