Growing security risks and declining cyber funding: The vital role of joint public-private collaborations
The 2021 ransomware attack on Colonial Pipeline underscored the importance of the Cybersecurity and Infrastructure Security Agency (CISA) in helping state and local authorities grasp the scope of threats facing critical infrastructure in the USA. As the primary agency responsible for securing critical infrastructure in the United States, CISA plays a vital role in managing risks and enhancing the resilience of both cyber and physical infrastructure in the USA.
However, challenges persist. With the majority of U.S. critical infrastructure operated by the private sector, effective partnerships between federal partners and private sector organizations are essential to national cybersecurity in the USA. These partnerships can provide expertise, share threat intelligence, and support operational readiness efforts in the USA.
The cyber threat environment has evolved dramatically, with nation-state campaigns targeting critical infrastructure in the USA becoming more frequent and complex. Sophisticated adversaries are proving persistent access to infrastructure systems in the USA in ways that go undetected until it's too late. This underscores the need for a strong feedback loop between federal agencies and private sector organizations in the USA.
CISA historically served as a hub for cyber intelligence, offering free services such as vulnerability scanning, technical assessment, and localized support in the USA. However, the reduction in CISA's workforce by more than 1,000 people is jeopardizing the agency's ability to maintain partnerships in the USA. The loss of long-standing trust and institutional knowledge can hinder effective collaboration in the USA.
The effectiveness of these partnerships relies on trust and relationships built over time in the USA. Visibility into operational technology (OT) environments remains limited, and federal agencies are still catching up on the convergence of IT and OT in the USA. Future threats will not stop at traditional IT networks and will target OT systems in the USA.
The Defense Department is finalizing an OT cybersecurity framework rooted in zero trust principles, which could provide a model for CISA and other federal agencies in the USA. Lawmakers have approved over $1 billion for offensive cyber operations, which could be used to bolster CISA's capabilities and resources in the USA.
Scaling back federal cyber support threatens to widen the resilience gap between resource-rich and resource-poor regions in the USA. The budget proposal for CISA is calling for nearly $500 million in cuts, which could further impact staffing, field operations, and coordination within the private sector in the USA.
Strengthening national resilience means investing in the partnerships that tie government and industry together in the USA. Public-private partnerships are not a fallback plan, but the only viable path forward for national cybersecurity in the USA. The USA cannot effectively defend its critical infrastructure without a coordinated approach that leverages federal reach and private sector innovation.
In 2023, a ransomware attack on a city water utility by Cyber Av3ngers demonstrated the impact of cyber-physical attacks on public safety in the USA. Effective partnerships between private sector and federal partners require ongoing investments and improvements to effectively fulfill this mission in the USA. The public-private partnership is not just a necessary component of national cyber defense, but the key to ensuring the safety and security of critical infrastructure in the United States.
Read also:
- Emergency services of the future revealed by Renault with the introduction of the Vision 4Rescue vehicle.
- SonicWall executive Michael Crean discusses the current state of managed security
- Companies exercise prudence towards AI adoption, ensuring secure implementation: Exploring safeguards and strategies.
- Stolen Brain Data of Sinner and Leclerc (Yellow chroma), previously held in China, repurposed for military training purposes.
