McAfee Public Sector Executive Tells Committee on Homeland Security Subcommittee that Industry and Government Need to Evolve Collaboration Models for Global Cyber Threat Intelligence
In Washington this week, McAfee’s Chief Technology Officer and Vice President, Global Public Sector, Dr. Phyllis Schneck, addressed the Committee on Homeland Security, emphasizing the need for private sector companies to have stronger protections in sharing global threat intelligence to better protect public and private sector customers and critical infrastructure from rapidly escalating cyber threats.
Dr. Schneck, who testified before the Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection and Security Technologies, said that by enabling private companies to share more, government and industry can more effectively benefit from established public-private partnerships.
Schneck outlined some policy recommendations to improve public/private sector information sharing that is essential to provide the government with the capabilities it needs to respond to the cyber threat.
See Also: The Increasing Importance of Security for the Smart Grid
She also discussed the impact of two major cyber attacks that succeeded in extracting billions of dollars of intellectual property from American companies in the information technology and energy sectors. The first, Operation Aurora, which employed a series of highly sophisticated cyber attacks that targeted many companies including Google, Adobe Systems, Juniper Networks, Rackspace, Yahoo, Symantec, Northrop Gruman and Dow Chemical. Dr. Schneck also discussed Night Dragon, a series of cyber attacks on global oil, energy, and petrochemical companies orchestrated with the apparent intent of stealing sensitive information such as operation details, exploration research, and financial data. Until recently, attacks like these would have been considered as exceptional or rare, but times have changed.
During her testimony, Dr. Schneck made recommendations to the Committee to enhance protection of the Nation’s critical infrastructure:
• The cyber security challenge faced by our country is a serious matter that requires an evolution in the way in which both the public and private sectors collaborate. Leading information technology companies and their customers are uniquely positioned to act as early warning systems that can identify and help address cyber security attacks as a real-time cyber immune system. But only the government can implement the complex set of organizational and policy responses necessary to enable data analysis and distribution across the private sector to counter the growing cyber security threat.
• Private companies need protected ways to share their big picture research findings with the government without loss of trust or creation of material events for stockholders, so that the most significant cyber security information is expeditiously actionable. This is the human component of what Global Threat Intelligence does at machine speed. We need both in order to defeat cyber adversaries, whose aim is to harm our way of life.
Schneck also noted that a broad-based situational awareness is vital to securing global cyber systems and ensuring our national security. Derek Gabbard, CEO of Lookingglass Cyber Solutions, a Baltimore based provider of cyber situational awareness technologies agrees. “A cyber situational awareness platform is at the core of threat sharing,” Gabbard wrote in a recent SecurityWeek column titled, Threat Sharing – a Necessary Defense. “To ensure we are not left with the ineffective report and alert systems that exist today, a platform providing context to each notification should be employed,” Gabbard added. “One that accepts and fuses data from global, sector, and private data sources; provides adequate visualization and analysis capabilities; and delivers actionable information in a timely fashion through existing and well adopted wired and wireless devices. While automation is critical, the human element must also be introduced to develop and deliver course of action information and to evaluate the severity of the attack.”
Gabbard puts it well, saying, “Just as firefighters, police officers, and federal authorities have had to learn to communicate and work better together, so too do cyber first responders in order to provide a safe environment to conduct business over the Internet.”
Related Report: The Increasing Importance of Security for the Smart Grid