Sharnig cyber threat information is part of DHS's mission, amplified in the 2013 cybersecurity executive order. (JIM WATSON / AFP)
Intelligence-sharing has become a higher priority following a 2013 executive order that expanded the Homeland Security Department’s Enhanced Cyber Services program.
Under the program, DHS and other agencies are to share cyber threat intelligence between the government and owners and operators of critical infrastructure. Information-sharing also is a key component of the National Institute of Standards and Technology’s cyber framework released in February.
In a March 7 appearance at Georgetown University in Washington, Gen. Keith Alexander, director of the National Security Agency and commander of U.S. Cyber Command, once again called for expanded threat-intelligence sharing.
“We have a lot of capabilities in our government that we ought to share, analogous to the way we share capabilities to defend our nation in physical space,” Alexander said. . “If a bank is attacked by another nation-state [in cyberspace], our country shouldn’t say, ‘good luck with that.’ Because if the bank were attacked in physical space with missiles, we wouldn’t say, ‘you have to have your own missile defense system.’ In this space we have to figure out how that government-industry partnership will work.”
Echoing previous appeals for Congress to pass laws to catch up with technology, Alexander said that effective cyber information-sharing hinges on legislation.
“This is a team sport – not just NSA and Cyber Command. It’s DHS, FBI and many others,” he said. “The government has to work with industry. We have to have the [policies] and we’re working our way through, but the key thing we need is legislation.”