CybersecurityFeds recruit companies to aid in cyberdefense

Published 17 April 2012

The U.S. national security community is intensifying its efforts to enlist the aid of the private security sector in bolstering the U.S. cyberdefenses

The U.S. national security community is intensifying its efforts to enlist the aid of the private security sector in bolstering the U.S. cyberdefenses.

The Mercury News quotesGeneral Keith Alexander, director of the National Security Agency and commander of the U.S. Cyber Command to say that the private and pubic sectors should coordinate their efforts because “this is something that we cannot do by ourselves.”

Additionally, Congress is considering several pieces of legislation which would encourage information sharing between the public and private sectors. Some of the legislation imcludes tax breaks for firms participating in the efforts.

Last week, HSNW reported on information provided by DHS during a conference earlier this month demonstrating the inherent weaknesses of cybersecurity among the U.S. power and water utilities. Outdated software, no longer supported by vendors, was in common use, including many industrial control systems that were not designed to be connected to the Internet, but have since been connected without appropriate safeguards in place.

On the national front, the Mercury News reported Deputy Defense Secretary William Lynn as disclosing that foreign cyber operatives have taken “terabytes of data” from U.S. defense contractors, ranging from parts specifications for tanks, submarines, and aircraft, to what he called “our most sensitive data.”

Thus far, several of the Bay Area corporations, including Adobe Systems, eBay, and Cisco, have joined with Lawrence Livermore National Laboratory, through the lab’s Network Security Innovation Center. The exchange shares threat information as well as best practices to counter attackers, and the insights gained in the process are relayed to other federal agencies.

Some of the same firms, Hewlett-Packard, Symantec, VMware, and Juniper Systems, provide similar services to the military and the government through a Lockheed Martin center in Maryland.

There are some companies which hesitate to get involved in the effort. The work requires considerable time and effort, and the firms are expected to provide the services on a voluntary basis. Again, the legislation in Congress to provide tax breaks may encourage the participation of these companies.

Robert Rodriguez, who chairs the Security Innovation Network, stresses that it is crucial that help come from the Bay Area. TheMercury News quotes Rodriguez: “It’s really the epicenter for entrepreneurship and innovation in the world,” he said. And while cybercrooks are attacking with increasing ferocity, he added, “we’re having a hard time keeping up.”