During the RSA conference Sam King, general manager of CA Veracode lead an engaging discussion with Art Coviello, former CEO of RSA and Robert Knake, senior fellow for cyber policy at the Council on Foreign Relations and senior research scientist at Northwestern University’s Global Resilience Institute.
While the conversation touched on a variety of topics, the prevailing theme was on the need for a private and public partnership and the how much we can depend on the government for cybersecurity assistance. According to the panelists, the main thing holding the government back from improving overall cybersecurity of our country is a lack of technologist in government. As the questions posed to Mark Zukerberg during his congressional hearing demonstrated, our government officials are not entirely sure how this Internet thing works.
This is exactly why we need a partnership between government and the private sector. Companies know what is needed but do not have the authority or reach to get it done. While government has the authority they require the expertise of the private sector to determine what should be done.
How to respond to state sponsored cyberattacks also came up during the conversation. Should we respond in kind with our own cyberattacks? In our increasingly connected world, what is to say those counter attacks don’t end up impacting our own citizens and critical systems? Questions about the effectiveness of economic sanctions also came up. This seemed to be preferred to the concept of a mutually ensured digital destruction that escalation would create.
During the Q+A with the audience one particularly poignant question arose. After years of deadly shootings we’ve seen a group of individuals come together and protest. Regardless of which side you fall on the gun control debate – you cannot deny that this grassroots effort has been effective at creating change. Private industries are responding to their calls. Do we need a similar grassroots movement to entice the private sector and government to respond to the cyber threats facing our modern world? What will it take to spur citizen activists into action around this issue? It’s a question that keeps going around in my head after leaving this panel.
The panelists left the discussion on a positive note talking about the progress they’ve seen and how protecting our digital society is possible with cooperation from private sectors and government. As this issue becomes more and more relevant, I look forward to seeing how this debate evolves.