The federal government is currently pursuing efforts to pull cyber threat data from across the federal government in an effort to better fortify its digital infrastructure, mirroring how the private sector sees and communicates active threats, according to Eric Goldstein, executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency.
“We’re now investing in the infrastructure to be able to take in data from disparate sources and actually understand correlations between threats in a way that, yes, every mature major company does today, but the federal government never has,” said Goldstein, CISA’s executive assistant director for cybersecurity.
Both the governmentwide and agency Continuous Diagnostics and Mitigation Dashboards, which give real-time visibility into digital asset configurations between 102 federal agencies, mark a measurable improvement from years past, he said, but added that the collaboration-centric environment is still lacking.
“As a community, we haven’t yet fully manifested that culture of collaboration, both on the government side and the industry side,” he said. Ideally, a strong public-private collaboration would focus on creating what Goldstein describes as a “shared goal” to ensure visibility across all U.S. networks when an adversary attacks.
“That means a coequal burden on government to say, ‘if we’re seeing the leading indicators of an intrusion, we have got to make that available instantaneously to the private sector,’ and the inverse needs to be true as well,” he said.
Anne Neuberger, the deputy national security advisor at the White House, added that her office has recently gathered “some really interesting data” that shows how companies with a ransomware backup strategy recover faster than those which opt to pay the ransom in exchange for a decryption key.
“While a given payment may seem like the right thing for a company, it’s incentivizing the next attack,” Neuberger said, noting that this data will help guide the promotion of backup cybersecurity measures and strong encryption — a posture both the public and private sector can work together to emulate.
Neuberger added that more collaborative efforts can help guide policy direction.
“We need your help, both in designing the policies that incentivize using the best tech across critical infrastructure in this country, across the federal government, but also incentivizing companies working together to pull data, whether it’s telecom data, whether it’s endpoint data so that we can better detect and block attacks,” she said. “Everyone deserves to have confidence in the digital infrastructure.”