The Business Roundtable on Monday Tuesday unveiled a cybersecurity strategy to "to protect U.S. economic and national security from growing global cybersecurity threats."
Drawing from dozens of existing reports, strategies, and roadmaps, the new plan takes the perspective of top level CEOs.
A BRT report entitled "Mission Critical: A Public-Private Strategy for Effective Cybersecurity" also was released Monday Tuesday.
A few highlights from the report:
- We need innovative ways to respond to and mitigate increasing cybersecurity risks.
- Public-private partnerships are the way to go.
- Private-sector cannot do it alone, especially with regards to cyber events that target national interests.
- We don't need more check-the-box security solutions.
The report focuses a great deal on themes we've seen a lot in the last few months. For example, it notes the need for a better global infrastructure to prosecute cybercriminals and encourages the U.S. to ensure adequate penalties for cybercrimes.
The report also says the federal bench should have the technical skills to hear cyber crimes. It doesn't, however, say anything about the decreasing resources on the law enforcement side of cyber prosecutions and investigations.
While the Department of Justice shrinks its ranks through attrition and retirements, it is also operating under a freeze on hiring replacement personnel in many areas. A drop in the number of prosecutors and investigators working on cyber cases would counter all progress we are seeing on the cyber front -- even the harshest penalties would mean little if we cannot effectively enforce cyber laws.
The report also talks about the lack of a mature public-private collaboration. It calls for a new "public-private collaborative framework" that is operational, global, and evolving. It also calls for better risk-based business practices tailored to each unique sector.
The new strategy can be summed up in six terms:
- Scalable and Flexibile
- Colaborative
- Customized by Sector
- Risk-Based
- Proactive and Responsive
- Globally Replicable
While the report contains a lot of business lingo and no surprises, it does help make the case that even CEOs care about cybersecurity and that our current state of existence is not acceptable.
Jessica Herrera-Flanigan
Jessica R. Herrera-Flanigan is a partner at the Monument Policy Group, where she focuses on the issues affecting our nation’s security, technology, commerce, and entertainment markets. Previously, she served as the Staff Director and General Counsel of the House Committee on Homeland Security. She also has served as Senior Counsel at the Computer Crime & Intellectual Property Section, Criminal Division, U.S. Department of Justice, where she led the Section’s cybercrime investigation team. She was a Member of the CSIS Commission on Cyber Security and is a Member of the ABA Standing Committee on Law & National Security. She currently serves as the Fellow for Cybersecurity at the Center for National Policy.
Continuous Monitoring As a Service: A Shift in the Way Government Does Business
Research Report: Powering Continuous Monitoring Through Big Data
Addressing the 3 Biggest BYOD Security Threats
Mobile Apps: New Ways to Connect Government with Citizens
JOIN THE DISCUSSION
By using this service you agree not to post material that is obscene, harassing, defamatory, or otherwise objectionable. Although Nextgov does not monitor comments posted to this site (and has no obligation to), it reserves the right to delete, edit, or move any material that it deems to be in violation of this rule.