By working together, our government can provide a unified front in the face of an evolving threat landscape.
During the recent State of the Union address, President Trump spoke of many threats that face our nation, however, he missed a big one. Cyberattacks from China, Russia, Iran, other nation-state actors and cyber criminals alike are on the rise and have the potential to impact industry, our economy and the government functions many rely on. Cybersecurity is a growing part of our national security and the federal government must take steps to improve our preparedness and response times.
In November, the federal government implemented a policy to improve the United States’ position in cybersecurity by improving information sharing and cooperation. Homeland Security Secretary Kristen Nielsen and then-Defense Secretary Jim Mattis led the effort to create a joint agreement about how the two agencies will work together on future cybersecurity challenges. This agreement advances the U.S. government’s and military’s cybersecurity position and provides a path for agencies to work together. It will force the government’s cybersecurity efforts out of silos and improve the overall resilience of our networks. This kind of cooperation is long overdue.
As cybersecurity threats accelerate and change, cybersecurity cooperation has become increasingly important to both civilian and military government agencies. By working together, our government can provide a unified front in the face of an evolving threat landscape. Prior to this agreement, the Defense Department had little ability to protect critical infrastructure, such as power systems, that it depends on. This critical infrastructure is controlled by the private sector, which the Homeland Security Department is mandated to help protect. Cooperation between agencies is essential for our government to run efficiently, protect critical networks and infrastructure, and provide information on threats to the private sector.
The Defense Department can now share cyber threat information with Homeland Security, including foreign cyber threats that the civilian agency and industry may not have. Defense’s information should enable Homeland Security to prioritize threats better, which helps protect private sector interests, too. Electrical grids, bank networks, transportation networks and health care networks impact large swathes of the economy, people and organizations that are intertwined with government agencies. Because all federal agencies are in one way or another connected to each other, the federal government’s approach to cybersecurity should be an umbrella that covers all the networks. Increasing cooperation between agencies creates a bigger umbrella, but still allows for more sensitive and vulnerable agencies to put on a raincoat for an added layer of protection.
For this joint agreement to be a success, communication is key. Each organization has access to different information feeds that the other may not—and now they can share that information. This communication should drastically reduce the incident response times that our cyber defenders are currently experiencing due to the “fog of war.” This communication could lead to lifting or almost removing this fog allowing for faster response times. In incident response, speed is your best ally and the passage of time your fiercest enemy.
The different departments have already started developing common operating procedures to help defend critical infrastructure’s cyberspace. Other agencies should watch to see if this partnership leads to faster response times and more threats identified. If it does, it will mean that the cooperation is working, if it doesn’t then all agencies will need to examine how they’re detecting threats and sharing that information, and if that information is actionable on other networks.
A cooperative effort will help improve the overall resilience of government, military and private networks, and I’m a little surprised it has taken so long to come to fruition. As in an apartment building, it’s great if each apartment door is locked, but if the front door to the building is insecure, bad actors can come in, hang out, and look for vulnerabilities to exploit. The Defense and Homeland Security cooperation agreement puts a lock on that front door and may provide an example for other agencies looking to work together to make their networks more resilient.
Wayne Lloyd is the federal chief technology officer and technical director at RedSeal.