Industry urges better cooperation from government on cyber threats
The government should have a standard protocol for when to alert the private sector to cybersecurity threats and a standard process for sharing that information without revealing classified secrets, the leader of a financial services industry group told the House Homeland Security panel on cybersecurity.
While the infrastructure is in place for the government and industry to work together on cybersecurity, the private sector often is kept in the dark too long because federal officials are wary of revealing information about ongoing investigations, said Jane Carlin, chairwoman of the Financial Services Sector Coordinating Council. "What we're recommending is a documented protocol," she said, "a regularized and repeatable process for deciding when to disclose a threat to the financial community rather than making it up each time ... Let's inject some science here. How do we balance the importance of an ongoing investigation with the public policy effects of [firms'] ongoing exposure [to a security threat]?" FSSCC, which was created shortly after the Sept. 11 terrorist attacks, acts as the financial community's clearinghouse for cyber threat information and as a liaison with government cybersecurity offices.
Industry urges better cooperation from government on cyber threats