Curbing cyberattacks depends on public-private partnerships, lawmakers say
Curbing cyberthreats depends on public-private partnerships, lawmakers say
- By Wilson P. Dizard III
- Dec 08, 2003
The Homeland Security Department must strengthen its relations with the private sector to help curb the threat of cyberattacks, department overseers in Congress contend.
'As far as cybersecurity, the critical thing is building on the relationship with the private sector,' said Rep. Mac Thornberry (R-Texas), chairman of the House Homeland Security Select Subcommittee on Cybersecurity, Science, and Research and Development. 'If you do not have their cooperation, you will not be successful.'
Thornberry called for more federal action in cybersecurity. 'I believe more action is required'I do not believe Congress or the government in general has done enough.' He said the government must lead by example, notably by using its purchasing power to help develop markets for security products.
Rep. Zoe Lofgren (D-Calif.), the subcommittee's ranking minority member echoed Thornberry's view. 'In the cybersecurity area, most of the assets needing protection are in private hands,' she said.
The lawmakers' comments concur with statements made last week by DHS officials at the National Cyber Security Summit in Santa Clara, Calif., [see GCN story
Lofgren said few companies have incentives to protect their systems from attack. But she cautioned against some ideas that have been floated on Capitol Hill, such as ordering companies to disclose vulnerabilities in Securities and Exchange Commission filings.
DHS must not lose sight of the need for advanced theoretical research when allocating funds, Thornberry said. He said federal agencies would benefit from research on security protocols and advanced detection systems.
Officials in the department's Science and Technology Directorate have said that about 10 percent of the Homeland Security Advanced Research Projects Agency's grant funds will go toward advanced research.
The department also should develop ways to measure success, Thornberry said. 'A major problem with homeland security and science and technology for cybersecurity is how do you know you are making things better?' he said. 'It is relatively easy to pick things outof the air, but my mantra is that it has to be [measured by] metrics that matter.'