At the RSA Conference, cyberspace security official Melissa Hathaway called for increased cooperation between the government, academia and the private sector. Hathaway was in charge of the recently completed review of U.S. cyber-security mandated by the Obama administration.
Academia, government and the private sector need to come together in the
name of cyber-security-that was the message Melissa Hathaway brought to
this year's RSA Conference in San
Hathaway is acting senior director for cyberspace for the National
Security and Homeland Security councils, and was tasked by the Obama
administration with heading up a 60-day review of the
government's cyber-security posture. Though she did not go into the
specifics of her findings, she described securing cyberspace as one of the
most serious economic and national security challenges the government faces.
"The United States
really is at a crossroads," she told the audience of conference attendees.
Her comments came a day after NSA Director Lt. General Keith Alexander told
conference attendees in his keynote that the NSA did not want control of
cyber-security for the United States.
Like Hathaway, he called for partnerships between his agency, the U.S. Department
of Homeland Security and the industry to help solve the challenges of
securing the Internet.
Hathaway said the Obama administration must lead the way on these issues,
and that international cooperation is required as well.
"Cyberspace knows no boundaries," she said.
Details of the report will be made available after the Obama administration
has had a chance to review the findings, she said. But between media reports
on the electric grid
in the United States
and the cyber-theft of terabytes of data tied to
an expensive weapons program
, some in the security community expect the
report to show that cyber-security-to say the least-needs work.
"I fully expect the report to show that U.S.
cyber-security-specially on networks which are considered to be "critical
infrastructure" (e.g., sensitive data networks, power, water, other SCADA
systems)-needs much improvement, better coordination and better leadership,"
said Paul Ferguson, senior threat researcher at Trend Micro, in an e-mail
interview with eWEEK before the conference. "Having worked in U.S.
military communications security for a number of years, there is certainly ways
to protect sensitive networks by first applying the 'air-gap principle'-in
other words, if it is worth protecting, it is worth not connecting to the