Government has been calling for increased cooperation with the private sector for years, but there are reasons why they just can’t connect. One being the lack of trust.
However, looking ahead after viewing the current trends, crime committed over the Internet — denial of service, intrusion of systems, or theft of confidential information — likely will increase in intensity, which is why the head of the FBI is continuing to call for more cooperation between the public and private sectors.
“I do believe that in the future, the cyber threat will equal or even eclipse the terrorist threat,” said Robert Mueller III, director, FBI, at an international conference on cyber security held at Fordham University.
“And just as partnerships have enabled us to address the terrorist threat, partnerships will enable us to address the cyber threat. But the array of partners critical to defeating the cyber threat is different. In this case, the private sector is the essential partner.”
He said the private sector has been and will be a primary target of cyber intrusions. By the same token, the private sector exhibits the expertise and knowledge to be an integral partner in defeating the threat, he said.
“You build the components of cyber security — the hardware, the software, and the networks — and you drive future technology. Without you, we cannot combine innovation and security,” Mueller said.
He listed initiatives already underway that have the purpose of building closer public-private ties for cyber defense:
• Domestic Security Alliance Council, consisting of chief security officers from approximately 250 companies, representing every critical infrastructure and business sector. Representatives from a number of major banks sit on the board of this organization.
• InfraGard, which, through its 58,000 members, promotes the sharing of information about threats to critical infrastructure. Members include representatives from government, the private sector, academia, and law enforcement.
• National Cyber Forensics and Training Alliance, a wholly private entity that includes more than 80 industry partners from a variety of sectors, and which has access to more than 700 subject matter experts. It passes real-time threat intelligence to its federal and international partners every day.
One organization which Mueller did not mention, however, but which is integrally involved in sharing cyber threat information among financial institutions, is the Financial Sector-Information Sharing and Analysis Center, FS-ISAC. Many banks are members of this, which functions to spread timely information about specific cyber attacks throughout its network, so that banks can quickly adopt appropriate defenses.
“Only by sharing intelligence swiftly will we be able to forecast coming attacks — and deter future ones. By fusing private-sector information with information from the intelligence community, we can produce a complete picture of cyber threats — one that benefits all of us,” Mueller said.