via InformationWeek Government
Private sector representatives Friday urged the government to do more to bolster cybersecurity-related information sharing and collaboration between federal agencies like the Department of Homeland Security and companies that own and operate critical infrastructure.
The federal government, mostly under the auspices of the Department of Homeland Security, over the last few years has increased efforts to protect private sector critical infrastructure from hackers. But representatives from AT&T, the North American Electric Reliability Corporation, and a consortium of financial services companies said in testimony before the House committee on homeland security that it’s still not enough.
“There’s a strong need to develop appropriate and standardized protocols for sharing,” said Jane Carlin, chair of the Financial Services Sector Coordinating Council, an association of financial companies set up in the wake of September 11 to protect the nation’s financial services critical infrastructure from attack. “Although we’ve made good progress on information sharing entities, we have not adequately addressed issues of timeliness and completeness of information.”
Carlin pointed to the aftermath of a cyber attack on a major financial exchange in October 2010 as an example of where better cooperation could have gone a long way. The exchange immediately informed its regulator and law enforcement, but information about the attack and its impact on other companies wasn’t disclosed to the rest of the industry for 102 days.