Today, US President Obama called for stronger Cyber Security laws. It is interesting to note that theme used today emphasizes an action I called for in my paper (and later blog entry) ‘A Strategy To Secure The Federal Cyberspace‘ … back in 2009.
The call by the President stated:
…Yet, there are core challenges that remain in our work to strengthen America’s cybersecurity:
The problem is that government and the private sector are still not always working as closely together as we should. Sometimes it’s still too hard for government to share threat information with companies. Sometimes it’s still too hard for companies to share information about cyber threats with the government. There are legal issues involved and liability issues. Sometimes, companies are reluctant to reveal their vulnerabilities or admit publicly that they have been hacked. At the same time, the American people have a legitimate interest in making sure that government is not potentially abusing information that it’s received from the private sector.
In my original work, I stated in the opening paragraphs
…that the leadership to form and coordinate the right combination of public and private partnership and a sense of common mission are essential to the task.
In fact, much of my call focused on the specific nature that such common mission must take:
One point that I would like to make clear: Government– Private sector cooperation will have to be a two-way street. The government must lead and contribute, and the private sector must respond in kind. ..
Today, for various reasons which include Privacy concerns, potential Liabilities, the rights of Discovery, and even the US anti-collusion laws hamper the possibilities of functional and efficient Government-Private Sector collaboration. This is exactly the reason why Congress must act to shield certain types of action and protect the participants.
In 2009 I recommended the cooperation as one of the three major Tenets of my paper. I further broke it down into two specific action items, the second of which, Task 7, is today’s call from the President:
Task 6: Create an Official advisory board of industry and government luminaries to advise the Chief Information Security Officer in his or her duties.
Task 7: Recommend legislative changes, where needed, to allow utilization of public capabilities to test and enhance defenses of sensitive industries.
I think we may be on the right track :)