Building a Resilient Nation: A Public-Private Imperative
The public and private sectors in the United States are navigating similar external forces as they develop their cybersecurity strategies. These sectors are well aware that in the realm of cyberattacks, it’s not about if, but when. Many organizations have already encountered breaches, finding themselves in the aftermath, working to repair the damage done to their IT environments. This reality highlights a crucial truth: threat actors do not discriminate between public and private entities. Each organization possesses valuable data, making it a potential target.
The current threat landscape demands a shift towards cyber resilience: the capability to defend, endure, and swiftly recover from cyberattacks. With both sectors under threat, embedding cyber resilience into the nation’s core becomes essential.
Missteps in Cybersecurity
The initial step towards fostering a resilient nation is acknowledging what organizations, both public and private, often misconstrue about cybersecurity. Many still adopt a one-size-fits-all strategy by deploying a single cybersecurity solution across their entire IT infrastructure. While managing such a setup might seem straightforward, it undermines overall security. After breaching the IT environment, threat actors can easily move laterally across the network, accessing critical and sensitive areas. This scenario underscores the necessity of deploying the strictest cybersecurity measures to protect the most vital assets.
Additionally, organizations frequently misdirect their cybersecurity focus. While many leaders concentrate on identifying unauthorized or malicious behavior, the focus needs to expand to include allowed behavior. Public and private sectors alike must ponder, “What are we intentionally allowing into our IT environments, and how does it impact our security stance despite potential gains in productivity?”
Furthermore, the collective mindset regarding infiltration needs a shift. An infiltration by threat actors doesn’t signify a lost battle. Victory lies in preventing the attackers from achieving their end goals, such as accessing sensitive data or executing ransomware attacks. A multilayered cybersecurity approach becomes pivotal here, compelling threat actors to face several hurdles to reach their objectives.
Shared Challenges and Opportunities
Currently, both the public and private sectors confront similar challenges as they work on their cybersecurity approaches. One notable issue is the persistent IT skills shortage, with 77% of organizations reporting staffing and resource constraints as significant obstacles to resilience. Additionally, the demand for AI expertise is soaring and doesn’t show signs of abating as enterprises embrace AI technologies.
As the proliferation of AI introduces benefits like enhanced productivity and reduced human error, it simultaneously assists threat actors. The 2024 State of Security report indicates that adversaries are exploiting generative AI to enhance phishing schemes, conduct more numerous attacks, and even tailor attacks in the target’s language.
Both sectors are also adapting to the SEC Cyber Disclosure regulations implemented last December. These regulations mandate detailed reporting on the fallout of cyber incidents within four days of occurrence, a timeline initially critiqued for its brevity. However, over time, the regulations have proven beneficial for the wider cybersecurity community.
The Case for Public-Private Collaboration
Given these industry pressures, it is logical for private and public entities to collaborate in addressing them. However, there is no established standard for public and private company partnerships aimed at enhancing national cyber resilience. Understandably, concerns exist, such as potential legal issues if a federal agency partners with a company it might later prosecute.
Nevertheless, successful public-private collaborations are already emerging on smaller scales. For instance, Louisiana State University conducts a program where private companies contribute technology and expertise, assisting students in honing their cybersecurity skills. Such partnerships effectively prepare the next generation of cybersecurity professionals.
The next logical step is scaling these partnerships beyond educational and grassroots initiatives to include larger corporations and organizations. An instance of successful collaboration was seen during the response to the notorious Log4Shell vulnerability. Public and private entities came together in a neutral forum to share pertinent information, focusing on solving the common problem without seeking competitive advantages. This collaborative effort can serve as a model for future public-private interactions.
Strengthening Internal Resilience
While optimal public-private partnerships are still being defined, internal measures can be taken to bolster organizational resilience. Practices like using password managers, enabling multi-factor authentication, ensuring regular software updates, and safeguarding backups can cultivate a resilient culture. Encouragingly, many businesses intend to invest in these areas, strengthening their cyber posture. According to a Splunk report, both sectors plan to invest in threat intelligence (50%), cybersecurity monitoring (46%), and generative AI security tools (43%) in the upcoming year.
Establishing a resilient framework within individual organizations prepares them for future public-private collaborations, aimed at constructing a robust, cyber-resilient nation.
Paul Kurtz, the chief cybersecurity advisor and field chief technology officer at Splunk, emphasizes the significance of these collaborative efforts and internal strategies to develop a stronger and more secure national fabric against cyber threats.