Page 7 - Cyber Warnings
sustainable, throughout various thresholds of a cyber event that may have national or even global
consequence. Such a plan should be periodically tested through a national level exercise that
identifies operational and capability gaps, lessons learned, and areas for improvement. A Plan of
Action and Milestones should be developed to measure progress and then tested in a succeeding
exercise. These steps are critical to improving our national capability to detect, prevent, mitigate,
and respond to cyber events with national consequence.
We have learned that there is currently an effort wholly within government to create a successor
NCIRP-type document. It would be a huge mistake and missed opportunity for the government to
exclude the non-governmental stakeholder community from such an effort, which they have
continued to do on other cyber-related matters.
Given that the prevailing majority of our nation’s critical infrastructure is owned, operated, or
controlled by the private sector, it is essential and only makes good public policy sense to include
those that actually operate networks and systems every day in building a predictable and
sustainable set of procedures and protocols that will be implemented during a cyber event of
national consequence.
Many relevant and unanswered questions come to mind when considering the importance of such a
critical effort. Who will be in charge of the decision-making process through various thresholds of
escalation? How will real time or near real time situational awareness be achieved? How will
ground truth be gathered, evaluated, de-conflicted, and shared to inform the decision making
process? When does an event cross an escalation threshold of impact from one that is under the
jurisdiction and purview of the Department of Homeland Security or the FBI…to one that has
national and economic security ramifications that is appropriate for the jurisdiction of the
Department of Defense?
Where are the opportunities and through what path does the private sector and the owners and
operators of this nation’s critical infrastructure get plugged into the process? What is the role of the
NCCIC; NICC; UCG; CRG; the DRG; the SCCs; the ISACs; the Deputies Committee; and so
many others? What are the indemnification procedures for industry should there be a government
request to a particular company or group of companies for an intervention as a protective measure
that could have global ramifications for the private sector entity?
As publicity around more and more data breaches is reported, folks of all levels of cyber
sophistication are increasingly concerned about protecting their identity, bank account, credit
cards, business secrets, and even their intellectual property and business operations.
Unfortunately, many people and businesses of all sizes simply do not know how best to protect
themselves. Accordingly, it is way past time to implement Item #6 from the list of Near Term Action
Items included in the President’s Cyberspace Policy Review that was released in 2009 that calls for
the Administration to initiate a national public awareness and education campaign to promote
cybersecurity.
Such an effort is long overdue and should draw on the good work and content of the US Stay Safe
Online and the UK Get Safe Online that provide a wide range of information for cyber users of all
levels of sophistication that can help improve their cyber protection profile by implementing
Cyber Warnings E-Magazine – January 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide