A Call for New Cybersecurity Collaboration Models

Our cyber adversaries threaten us as individuals, communities, nations and members of the global community. We risk ruined credit, emptied bank accounts, government privacy information held hostage or destroyed, disabled defense systems and destruction to our infrastructure. Many recognize that our existing organizational and acquisition models can't respond quickly enough to meet the cyber challenge. Why not establish a neutral entity to act as an impartial system integrator that collaborates global efforts and resources to anticipate and defend against our cyber adversaries? Many efforts address the cyberthreat from different perspectives, but, none exists such as the one above. We are gradually addressing the cyberthreat but at a rate far less than our adversaries are outsmarting us. The Department of Defense recognizes the cyberdomain as its own separate domain along with air, space, land and sea. However, our existing acquisition and collaboration models can't keep up. Our adversaries might be a single person with an inexpensive device that can disable a country like Estonia, or nation-states, criminals, terrorists and organized crime. The cost of entry is low. Whole underground networks exist to recruit as well as buy and sell illicit capabilities. Viruses, worms, trojans and more can propagate around the world instantly. Robert Rodriguez, founder of the Security Innovation Network (SINET) says, "The time is yesterday to explore and invest in new collaboration models." SINET unites cyber entrepreneurs, venture capitalists, government experts and academics to bring together entrepreneurs and academics who create cyber capabilities with those who can implement them. Stanford University is also a sponsor of and supporter of SINET. A number of academic institutions actively pursue advanced training and research in cybersecurity. Stanford University and Georgia Tech collaborate. The Stanford University Computer Science Department has also partnered with the Secret Service. The Secret Service and FBI have their respective public-private partnerships. The NSA hosts centers of excellence at many of our nation's academic institutions. There are other small efforts across the country. "Cyber Security demands a community effort--deterrence starts with collaboration," according to Riley Repko, Air Force Senior Advisor, Cyber Operations and Transformation. Realizing that current models weren't enough, the Air Force asked Repko to come out of the private sector to develop a means of engaging the private sector, the true domain "owners." Tom Patterson's  October Government Computer News article "Inside the Pentagon's Cyber War Games" describes Repko's desire for "raising the awareness to the innovative competencies the warfighter could exploit by extending their reach into the private-sector--globally." Why can't we leverage resources via a 'trusted' and scalable mechanism that manages these capabilities? We have tested this model demonstrating considerable merit, but, we need Repko's leadership and dedicated funds with the right mix of public and private sector talent to make it come to fruition. This impartial entity could build on the many efforts under way through government, private industry, individual and non-profit entities. It could establish a repository of global resources, identified by capability, in a private and secure environment that could instantly reach out to experts around the world who could address a particular aspect of a cyberthreat. This model would protect government and industry's need for privacy as well as protect suppliers' intellectual property. Security and privacy are fundamental to the success. Unlike today's models, we could potentially find solutions in a matter of minutes, hours and days rather than months or years after the fact. How then, do we get started? Christine Robinson is president of Christine Robinson & Associates, LLC; an enterprise architect currently on assignment to the Air Force Strategic Visual Information Mapping (SVIM) initiative; advisor to Arlington County; and advisory board member to EmeraldPlanet and its global television show. Robinson writes extensively and speaks about security to audiences worldwide. The views expressed by our guest bloggers are their own and do not necessarily reflect the views of AFCEA International or SIGNAL Magazine.