Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars     Apps     EBooks
   AFCEA logo
 

Sharing Cybersecurity to Protect Critical Services

November 5, 2012
By Rita Boland
E-mail About the Author

Efforts to reduce barriers to information sharing in the cyberworld have met with criticism, but some in industry are emphasizing the necessity of swift action.

The effects of Hurricane Sandy on the Northeast coast gave the United States a powerful insight into what happens when critical infrastructure fails in dense population centers. Even with days of warning, thousands of people still find themselves without basic services. Before that superstorm formed, however, security experts were considering the effects of a man-made catastrophe implemented through breaches in cybersecurity that could strike at any time without prior notice, causing even more widespread damage. Leading up to the election, an executive order is pending to try to prevent such an event, but regardless of whom voters elect as their next leader, some in industry are calling for swift action to put preventative measures in place.

Drafted in response to Congress' decision not to pass a cybersecurity act earlier this year, the executive order, if signed, is expected to authorize the Department of Homeland Security to create different information security programs and to facilitate better information sharing among government and private-sector partners involved in cyber activities. Legislators and groups outside government have criticized several aspects of the various efforts to reduce current restrictions that prevent organizations from passing on their knowledge of vulnerabilities or attacks to others who need it, expressing particular concern about violations of citizens’ privacy.

But Dave Frymier, chief information security officer at Unisys, says some type of protective measure is needed immediately. He believes recent attacks on banking institutions should have served as precipitating events demonstrating the importance of broadening information-sharing rules. Earlier this year, several major financial institutions in the United States suffered denial of service attacks that they were unable to stop despite having forewarning that such events would occur. Experts believe the attacks originated in Iran.

Frymier explains that the perpetrators used botnets to implement their plans. Owners of machines infected with that type of threat generally are unaware of their vulnerabilities, making it easy for criminals to use their systems to launch attacks. Groups such as antivirus companies who could tell where problems originate and who is affected are prohibited by data security and privacy regulations from taking steps to address the issues. “We've got to do something about these botnets,” Frymier says. He would like to see a solution that resembles due process in the physical world, in which authorities who suspect something is wrong can take action to prevent a larger crime. “Exactly what that would look like needs to be hammered out in [legislation],” Frymier states. “The cyberworld has some eerie analogies to the real world.”

Eliminating barriers among fragmented government and industry cybersecurity partners could help the safety of everyone. “Absolutely it is a good thing for government and the private sector to work together to secure the country,” Frymier explains. “If we don't, the Internet is going to fall apart. These attacks on the banks are the canary in the cave.” He adds that it is legitimate for people to have concern over “Big Brother,” but he believes leaders can put in place reasonable measures to protect both privacy and the cyberdomain.

Mark Seward, senior director of security and compliance at Splunk, and Bill Cull, vice president of the public sector at the same company, agree with Frymier. Seward explains that in many cases, the private sector already is sharing information with the government, and that action from those in elected authority could make this easier, eliminating some layers of bureaucracy. He adds that partnerships in cybersecurity are important for the maintenance of the lifestyle enjoyed by U.S. citizens. Organizations that supply power and water, for example, are experts in providing those services but not in preventing cyber attacks. Companies or government agencies with cyberknowledge can play a crucial role in keeping those basic necessities up and running. Seward believes that stalling on taking action could result in the United States becoming like a third-world nation overnight as the result of a major attack.

 

 

Departments: 

Comments

I believe the main difference between 'natural caused hazard' or failure and intentionally
made offense by adversary is of course the objective, but consuming defensive resources, a tactical depth in other words.

Critical infrastructure can be seen within this article as defensive infrastructure or a support structure for decision making.

Most nature caused issues are recoverable by changing physical parts of devices, enabling electric grid again etc. - whilst mailicous adversary might want to delay such effort in means of consuming resources. That being said/written, contigency planning is key element to provide survivality.

Just keep in mind that the data controlling most of the critical infrastructure may need to be reconstructured and all computerized interfaces may be just unusable.

Add new comment