April 15, 2009

Cyber assurance needs teeth

Greg Hoglund, CEO, HBGary

Soon, the federal government will release the results of its 60-day interagency review of cybersecurity, conducted by Melissa Hathaway, acting senior director for cyberspace for the National Security Council (NSC) and Homeland Security Council. Ms. Hathaway appears to have a good understanding that cooperation between agencies is required for success. The government is a landscape of fiefdoms and it takes special skill to navigate those waters. This is why strong leadership is critical because without it, everything downstream will devolve into overlapping roles, missions, silos and waste.

Coordinating federal agencies is just the beginning. Successful cybersecurity depends on strong relationships with private industry. The government will need to apply pressure to meet tangible objectives that are unbiased, something policymakers are historically poor at doing. Perhaps it's time to pair the best of both worlds -- a proven executive with experience managing to objectives, and a team that understands government intricacy. Corporations are given maybe nine months to implement a change; in government it's every four years. The American public and government can't afford four years of negotiation.

The administration needs to take firm action now to give organizations the tools to fight cyberthreats. Acquisition and sharing of threat intelligence is critical. Law enforcement agencies need authority to use this information and technology to apprehend and prosecute cybercriminals. Over time things will get better, as long as we can fight the enemy today.