Current and former policymakers admit it: The U.S. government needs do a better job sharing cyberthreat information with the private sector if it’s going to defeat increasingly complex cyberattacks from nation states.
The exchange of cyberthreat information between the government and companies was the cornerstone of a 2015 bill hailed as landmark legislation to protect against digital attacks. But more than two years later, these comments at a Cyber 202 Live event hosted Friday by The Washington Post reveal the U.S. government has an incredibly long road ahead to effectively implement the legislation. Officials are finally acknowledging they have been too focused on trying to get companies to share information with them — and less on sharing with private companies who want threat intelligence the government detects.
“No company out there, no state out there is going to overcome this challenge by themselves. We have to work together,” said Christopher Krebs, undersecretary for the Department of Homeland Security’s main cyber unit, the National Protection and Programs Directorate.