From: ISE.gov
Posted by Michael E. Kennedy, PM-ISE Executive for Assured Interoperability
Earlier this month, the National Governors Association (NGA) announced a new cybersecurity initiative to better prepare for and respond to threats at the state level. Through this project, the NGA Center for Best Practices staff will seek to identify and address cybersecurity policy issues by working with policymakers and law enforcement officials at state, local, and federal levels; representatives from private industry, including the financial, communications and information technology sectors; and representatives from other relevant public and private institutions (e.g. energy companies, internet service providers, health officials).
Several recent reports, most notably the National Infrastructure Advisory Council’s report to DHS, Intelligence Information Sharing, have identified serious gaps in cyber threat information sharing among state-based organizations, federal organizations, and the private sector. DHS requested this study on intelligence information sharing between public and private sectors, which stated:
“The Council strongly believes that the government is missing an opportunity to better leverage the capabilities and resources of private sector owners and operators to reduce risks to critical infrastructures. To meet this challenge, however, significant improvement will be needed on how intelligence information is identified, developed, and shared among public and private partners.
“The Council believes that the voluntary public-private partnership is the best long-term strategy to secure our critical infrastructures. We recognize that regulations and standards, if developed wisely with the full collaboration of the regulated private sector entities, have their place in protecting critical infrastructures. However, we consider a non-regulatory approach, which encourages industry and government to diligently pursue common national infrastructure protection goals while avoiding unnecessary costs and inefficiencies, to be the preferred approach and in the best interests of the Nation. These two modes—regulatory and voluntary—can complicate information sharing between the Federal Government and owners and operators of critical infrastructures. However, we feel that a voluntary process, with appropriate checks and balances, must be the foundation for effective information sharing.”
My office, the office of the Program Manager for the Information Sharing Environment, believes this program will advance critical national security information sharing and we anticipate advocating a strong partnership between this initiative and the national network of fusion centers. Cheri Caddy, PM-ISE’s Assured Interoperability Division, Senior Advisor for Cyber Information Sharing, will lead our efforts in support of this initiative. For questions or comments, please post a comment below or send us an email via the contact us page.
Cybersecurity underlies all levels of national security—homeland security, counterterrorism, law enforcement, and public safety—so improved cybersecurity policies and procedures at the state level will enable better information analysis and national security decision making.
Leave a Reply