The information age and impact of globalization have thrust new demands upon the United States’ national security and public safety leadership. The need for technological superiority combined with strategic planning in a rapidly changing global environment is paramount to protecting US citizens. However, it is apparent that technological advantage is no guarantee for future success on this “new battlefield.”
Much has been said about, and much success gained by, the whole of government (WOG) approach to national security and the sharing of information among government agencies. The term “whole of government” can be defined as an approach that integrates the collaborative effort of the departments and agencies of a government to achieve unity of effort toward a shared goal.
A renewed focus and effort is required to strengthen and re-invigorate the WOG approach by the inclusion of the private sector. The ability for the private sector to invest, co-develop and integrate innovative technologies into the federal security marketplace will significantly impact progress in threat deterrence and mitigation.
The vibrancy of the US economy is reliant on a healthy and robust interdependency between the government and private industry. The volatility of the domestic political and economic environment contributes to the complexity and challenges of this relationship. Renewed and strong homeland security defense measures must contain the recommendations and input of the private sector, given its exhaustive capabilities and ownership of an estimated 85 percent of critical infrastructure within the United States.
The convergence of physical and cybersecurity threats to critical infrastructure reached a new level in 2015, with the attack against three Ukrainian distribution substations where destructive malware was used in a broad and sophisticated cyberattack. Through this attack, approximately 225,000 customers lost power for three hours, and at least seven 110 kV substations and twenty-three 35 kV substations were cut off.
Terrorist and advanced non-state actors that collaborate with each other in virtual and physical safe havens are the largest threat to modern critical infrastructure owners and/or operators. The convergence of IT and industrial control systems (ICS) networks has created systemic vulnerabilities that threat actors can exploit to carry out attacks, infiltrating enterprise business networks in order to pivot to more vulnerable ICS systems.
In a recent Trend Micro white paper, Dark Motives, researchers detailed how terrorist groups are now leveraging the same technology advancements that cybercriminals have used for years to recruit, communicate and spread propaganda through illicit websites, social and traditional media.
In addition, through the Deep Web they are able to create homegrown applications to fill gaps in their ability to communicate securely across multiple platforms and borders. These advances in technology have allowed cybercriminals to build capacity over the last ten years and are now affording terrorist groups those same opportunities.
For the United States to mitigate risks and expose the workings of these volatile groups, the adoption of a global holistic strategy that includes the private sector’s efforts within the already-established WOG approach should be further expanded and utilized.
This strategy includes:
- People – Critical to any security strategy is the ability to recruit, train and maintain highly skilled security professionals. Within the US government, there exists a core group of well-trained cybersecurity professionals who serve as network defenders and cybercriminal investigators. However, as threats grow exponentially, the US government is unable to keep pace, and therefore demands a stronger partnership with private industry. This partnership affords the US government the ability to rapidly scale in an ever-changing threat landscape.
- Processes – For a more successful partnership, it is essential for private sector companies and government agencies to jointly create effective best practices and policies that both sides implement and follow in the event of an attack. A process that provides a global legal framework allows law enforcement and private companies to dismantle malware and other potential threats used by hackers, and bring cyber criminals to justice. It’s important to note the process aspect should not be reactive, but proactive. Accepted partnerships and processes need to be continually tested and evaluated.
- Technology – Because information held by government agencies and the private sector is often sensitive and highly confidential, advanced security solutions are critical to safeguarding this pertinent data. Anti-malware and breach detection technology programs provide protections against advanced threat actors aiming to infiltrate and access networks and systems. While programs and procedures prepare agencies and companies to ward off unwanted attacks, eventually, and unfortunately, a cyberterrorist will be successful in their endeavor. By creating and implementing the appropriate technologies within their own IT structure, the private sector and government departments can detect attack methods and respond accordingly to any potential breaches.
- Partnerships – The cooperation between the private sector and government agencies should not be a reactive approach, but instead built organically from the beginning with an aligned goal of fighting cyberterrorism. It is not enough for the two to work together; rather, it is critical that they support one another in their combined efforts. A great example of this can be seen in INTERPOL’s partnership with leading private cybersecurity companies to establish a three-year agreement to provide support to the international agency and its member countries with knowledge, resources and strategies to fight global cybercrime. With the threat information INTERPOL receives from the private sector, the agency is equipped to quickly act upon malicious cybercriminals. In addition, governments and the private sector are often faced with similar, imposing threats. By working together, they can fully understand the threat and/or terrorist organization they are up against, and learn better and more efficient ways of defeating them.
The United States has been, and will likely again become, the victim of a terrorist act. However, the private sector is uniquely capable of helping the United States negate the extremist narrative by providing timely threat information as well as critical expertise to combat both cyber and physical threats. By working together, the private sector and government agencies can be much more successful in their efforts against terrorism and fully understand each other’s capabilities to prevent attacks and bring justice to those affected.
Ed Cabrera is vice president of cybersecurity strategy for Trend Micro, a global provider of security software for corporations and consumers, established in 1988. He was previously the Chief Information Security Officer of the United States Secret Service with experience leading information security, cyber investigative and protective programs.
Michael Breslin currently works in the homeland security field. Mr. Breslin’s undergraduate degree is a Bachelor of Arts from Saint John’s University, Queens, NY. In addition, he holds a Master of Science Degree in National Security Strategy and a Graduate Certificate in Business Transformation and Decision Making from The Industrial College of the Armed Forces (2011) and a Master of Public Administration from John Jay College of Criminal Justice (1995). In January 2015, he completed the Key Executive Leader Certificate program at American University’s School of Public Affairs.