via Information Week
For years, the federal government has launched one policy initiative after another to protect critical IT infrastructure in coordination with the private sector. There’s been progress, but the threats–computer breaches from foreign parties, fast-spreading worms, and hidden malware–have outpaced the advances, leaving computer systems and networks across industries more vulnerable than ever.
What can businesses and Uncle Sam do, together, to reverse this dangerous trend? There must be three areas of immediate focus. First, the public and private sectors need to share more information–more parties must be included and new platforms used. Second, they must pay more attention to defending against attacks that threaten critical IT infrastructure and even damage physical facilities. Third, their collaboration must be ratcheted up to the next level–real-time identification and response as threats occur and, more to the point, “moving security practices from a reactionary posture to one that’s proactive and preemptive,” says Rich Baich, leader of Deloitte’s Cyber Threat Intelligence Group.
In other words, the growing number of cybersecurity “partnerships” being established between the federal government and the business community are more than a one-way street. The feds may be driving the effort through initiatives such as Homeland Security’s 2009 National Infrastructure Protection Plan, developed in response to a presidential directive, but companies stand to benefit from the more resilient cyber defenses that result from such collaboration.