It has not been an easy year for public-sector cybersecurity chiefs. The SolarWinds cyber attack alone affected organizations including the U.S. Treasury, the U.K. government, and the European Parliament.
And that was just one of countless threats hounding public-sector bodies in recent months. It is evident that public-sector cybersecurity experts need all the help they can get. Partnership with private sector players is the order of the day.
This kind of collaboration has already been going on for some time, said Matt Olney, director of threat intelligence and interdiction at Cisco Talos. He was speaking at a LinkedIn event called Driving Transatlantic Public Sector Cybersecurity Through Collaboration.
But even though public/private relationships are in place, there is still room for improvement. One example, Olney believes, is where government agencies request threat data from private providers in real time.
Such requests can be challenging for the private sector because of the need to comply with privacy issues. Furthermore, the data on its own is of limited use unless the agency concerned has ample resources to carry out a threat analysis, which is rarely the case.
“We can do a better job of conveying to government what they want if we take the time to contextualize what we are seeing,” Olney stressed, “as opposed to just dumping every piece of raw data on them.”
Rather than real-time sharing, he says, it makes sense to work on timely sharing: “Getting information to the government in the space [of time] where they can act on it. They are not prepared for real-time data and in that case, when you act in real time you fail in real time.”
During the LinkedIn event, Olney discussed these and other topics with public-sector cybersecurity heavyweights from either side of the Atlantic. This included Fortalice Solutions CEO Theresa Payton, a former CIO to the Office of the President at the White House. And Bart Groothuis, lead member of the European Parliament on cybersecurity of critical infrastructure, provided a European perspective. Graham Cluley, an award-winning cybersecurity researcher and blogger, moderated the session.
As cyber criminals continue to develop new threats and increasingly target the public sector for both economic and political ends, there is growing recognition of the need for public/private cybersecurity partnerships.
The day before the Cisco LinkedIn event, for example, Richard Moore, the head of the U.K.’s MI6 secret intelligence service, called for greater collaboration between his agency and private sector players.
“We have traditionally done an awful lot in house,” he said in his first live broadcast interview, “but increasingly we are going to have to work with the tech sector to be able to tap into their extraordinary ability.”
Despite this, Olney acknowledged that such partnerships will only go so far in eliminating cyber threats. “Collaboration isn’t a solution, it’s a mitigation,” he said. “It’s not going to make all the bad things go away, but hopefully it’s going to make them less critical when they happen.”
The Cisco LinkedIn session on Driving Transatlantic Public Sector Cybersecurity Through Collaboration took place live on December 1, 2021. Watch the archived discussion here.