RSA: Hathaway says securing cyberspace will take time

Share this article:
A President Obama-ordered 60-day cyberspace policy review is completed, and the report will show that cooperation is needed to meet the challenging task of securing the nation's digital infrastructure, the official in charge of the project said Wednesday at the RSA Conference.

Melissa Hathaway, acting senior director for cyberspace for the National Security and Homeland Security councils, said the findings of the review will be released in the coming days after the Obama administration reviews them.

While Hathaway remained tight-lipped about the specific contents of the report, the theme, as many assumed, will be cooperation -- a sentiment that repeatedly has been echoed this year at the annual security conference in San Francisco.

"We need an agreed-way forward based on a common understanding and acceptance of the problem," she said.

She stopped short of defining roles but said the report will call for a White House-led architecture that will seek partnerships and collaboration among a number of federal agencies, private sector, academia and foreign countries. In addition, the report will detail how successful cybersecurity depends on investment in research and development to create "game-changing technologies," she said.

The report identified 250 "needs, tasks and recommendations," she said.

"You will see that there is a lot of work for us to do together," Hathaway said. "Cyberspace won't be secured overnight or on the basis of one good plan...We need to be mindful of how we, government and industry together, can optimize our collective research and development dollars and work together to improve market incentives for secure and resilient hardware and software products, new security innovation, and secure managed services."

Some attendees said afterward they were expecting more concrete findings and recommendations.

"It was a pretty consistent message we've been hearing," said Jerry Dixon, the director of analysis at Team Cymru, and the former director of the National Cyber Security Division at the Department of Homeland Security. "I thought a lot more information would come out of this talk."

Specifically, Dixon said he is interested in learning how the government plans to get a handle on critical infrastructure sectors' level of exposure to major vulnerabilities.

But Dixon said he was pleased to hear Hathaway address the importance of tapping the private sector, which owns and operates most of the nation's information systems.

"That's where the brain trust is," he said. "The key part is that there's got to be transparency."

Share this article:
You must be a registered member of SC Magazine to post a comment.

Next Article in News

Sign up to our newsletters


More in News

Information sharing requires breaking down barriers, White House cyber guru says

Information sharing requires breaking down barriers, White House ...

The White House has advanced an agenda to promote and facilitate information sharing on security threats and vulnerabilities.

Worm variant of Android ransomware, Koler, spreads via SMS

Worm variant of Android ransomware, Koler, spreads via ...

Upon infection, the Koler variant will send an SMS message to all contacts in the device's address book.

Patch for Windows flaw can be bypassed, prompts temporary fix from Microsoft

Patch for Windows flaw can be bypassed, prompts ...

The Windows zero-day received a patch last week, but the fix can still be bypassed by crafty attackers.