Speaking at the Michigan Cyber Summit 2011, the two joined several Michigan congressmen and the state's governor to discuss the importance of cybersecurity and the partnerships that are critical to building the nation's cyber resilience. Representatives from state, local and private sector partners, including Microsoft, Google and Facebook, as well as student groups were also in attendance.
In her remarks, Napolitano affirmed the DHS's commitment to elevating the federal government's abilities to protect against cyber threats by working with partners. The department's cybersecurity agenda focuses on defending federal civilian departments and agencies (the .gov domain), and teaming with critical infrastructure owners and operators to assure cybersecurity initiatives are in place and maintained.
The DHS is working with thousands of security professionals and partners to promote good cybersecurity practices, conducting assessments, and publishing tools to assist facility owners in identifying vulnerabilities, Napolitano said.
As well, she emphasized that efforts to secure cyberspace involve not only government and law enforcement agencies, but the public as well. To achieve its goals, the DHS is expanding its "Stop.Think.Connect." campaign, an effort launched last year to stimulate safe computer practices. The agenda also includes developing and enhancing cyber education programs, as well as focusing on strategies to help small- and midsized business owners improve cybersecurity defenses, she said.
Napolitano also detailed the department's efforts working with Congress to pass legislation that, she said, would improve the overall cybersecurity posture of federal departments and agencies.
"Making the internet safer and more secure requires vigilance and knowledge of how to protect ourselves," Joe Sullivan, chief security officer at Facebook, said at the event. "With cyber attacks on the rise, practicing safe online behaviors is more important than ever."
Facebook streamed the event live.
"Companies must educate their customers on how to be safe online," Michael Kaiser, executive director, National Cyber Security Alliance (NCSA), a nonprofit public-private partnership focused on cybersecurity awareness, told SCMagazineUS.com on Friday. Everyone must be involved in cybersecurity awareness, he said.
The NCSA, along with the U.S. Department of Homeland Security and the Multi-State Information Sharing and Analysis Center, has sponsored National Cybersecurity Awareness Month every October since the event's launch in 2004.
Kaiser, who was at the event, said the NCSA and its partners coordinate to send out a simple, harmonized and unified message on how government workers, businesses and individuals can stay safe online. "The key to being effective is to be repetitive," he said. "You have to keep beating the drum."
Other representatives from attending companies agreed that educating the workforce about security issues is key. "Employees are a significant part of the triad (people/process/technology) in protecting company networks and data – that's good for the company's viability, the shareholders' value, and the customers' privacy," Pamela Warren, cybercrime strategist at McAfee, told SCMagazineUS.com on Friday. "By reminding and teaching our employees how to guard citizen information, customer information, employee information and intellectual property, you can help create a more ‘aware' and careful workforce to protect the company's viability. By learning best practices with devices and use of the web and other apps on the corporate network, employees can become part of the solution rather than the problem."
Updated Monday, Oct. 10