U.S. Renews Call to Private Industry to Help Cybersecurity

By Wolfgang Gruener
published

The U.S. government increasingly sees a pressing need to address security threats against IT networks effectively.

In a speech to the audience of the Symantec Government Symposium, General Keith Alexander, Commander, U.S. Cyber Command and Director, National Security Agency/Chief, Central Security Service, said that only a close collaboration between the private industry and the government can meet this goal.

"We can defend this space. But we're stuck at the starting line figuring out how we're going to do this," he said. "That's going to be the push you see from the administration and Congress, and should be the push from business and the American people. We all have these devices. We all benefit by having secure devices that our children and grandchildren can get on and call from securely."

One of the major challenges is, according to Alexander, to understand the nature of attacks, which are growing more and more sophisticated. "The biggest problem is education," Alexander said. "Most people do not technically understand the network." The fact that mobile devices are now always connected to data and are being integrated into critical environments with access to important information would require "a defensible architecture," he said.

The good news is that, even if that architecture is not available, the private industry and government both are willing to collaborate. AMD, Honeywell, Intel, Lockheed Martin, and RSA/EMC recently announced the formation of the Cyber Security Research Alliance (CSRA) with the intent to work with the government on cyber security technologies.

Contact Us for News Tips, Corrections and Feedback

Wolfgang Gruener
14 Comments Comment from the forums
  • abbadon_34
    why should they, when evey internal and external problem can be blamed on "hackers" and "pirates"
    Reply
  • Thomas Creel
    The gov has a lot of money, I don't know why they can't do something about this. The hackers have time though, and are always a step ahead.
    Reply
  • falchard
    I don't want the government to spend any money on cybersecurity. Thats when I know security will be much easier to breach. The governmnet is pretty bad at things like research and development. For instance take the current US military Assault Rifle. Its 40 years old, and there are cheaper, easier to produce, more accurate, and more reliable US based companies who make Assault Rifles. The problem is the government stalls technological development.
    I really don't want the government stepping in on how they think they can protect private citizens from the denizens from the net. We might get our own Great Firewall of the United States.
    Reply
  • JBB-SaDo
    Thomas CreelThe gov has a lot of money, I don't know why they can't do something about this. The hackers have time though, and are always a step ahead.
    Since when do they(Gov) have money? http://www.usdebtclock.org/index.html

    Reply
  • A Bad Day
    One of the major challenges is, according to Alexander, to understand the nature of attacks, which are growing more and more sophisticated. "The biggest problem is education," Alexander said. "Most people do not technically understand the network."

    Security Auditor: http://serverfault.com/questions/293217/our-security-auditor-is-an-idiot-how-do-i-give-him-the-information-he-wants

    Server OS update frequency: Once every few months

    Group Policy: Fits all situations, according to management

    Response Plan to an Attack: Last updated in 1990s for a previous 1980's server system

    Special Permission Usage: Granted to all tasks because compatibility troubleshooting is too much work

    Firewall: Allow all incoming/outgoing traffic

    Education of security: Once every year, if we remember to do it

    Password format: Plaintext

    Most common passwords: 1234

    Admin password: Password

    SQL injection resistance: What SQL injection attack?

    Funding for a server upgrade: Diverted to CEO's bonus paycheck
    Reply
  • A Bad Day
    EDIT:

    Vulnerability to URL exploit: Never checked, like this is ever going to happen: http://www.theregister.co.uk/2011/06/14/citigroup_website_hack_simple/
    Reply
  • nebun
    this is way too funny....isn't the government already contracting civilians to take care of their networks?....am i missing something?....the military IT guys are nothing but overpaid paper pushers, i know this for a fact.
    Reply
  • ikyung
    World war 1 - Aviation warfare
    World war 2 - Chemical warfare
    World war 3 - Cyber warfare
    Reply
  • nebun
    iKyunGWorld war 1 - Aviation warfareWorld war 2 - Chemical warfareWorld war 3 - Cyber warfaredid you figure this out all on your own?
    Reply
  • agnickolov
    iKyunGWorld war 1 - Aviation warfare
    World war 2 - Chemical warfare
    World war 3 - Cyber warfareCheck your facts. Both aviation and chemical warfare were used in World War I. Chemical warfare was even pioneered back then. Aviation warfare was introduced a few years earlier in the first Balkan war.

    World War II is far better known for the use of tanks. And of course the big introduction of atomic weapons at the very end.
    Reply