Cyber Attack Data-Sharing Is Lacking, Congress Told

Coverage Type: 

US intelligence agencies are unable to share information about foreign cyber attacks against companies for fear of jeopardizing intelligence-gathering sources and methods, cyber security expert Paul B. Kurtz told lawmakers. Kurtz, who served on the National Security Council in the Clinton and Bush administrations, spoke at the first open hearing on cyber security held by the House Permanent Select Committee on Intelligence. He and other experts discussed President Bush's Comprehensive National Cybersecurity Initiative, disclosed in January, which focuses on cyber espionage against government systems and, they said, does not adequately address the private sector. There is no coordinated strategy or mechanism for sharing intelligence about intrusions with companies, nor is there a systematic way for companies to share information with the government, said the panelists, who are members of the Center for Strategic and International Studies commission on cyber security, set up last year to advise the next administration. While certain information must remain classified, "the government needs to do better" at sharing unclassified information about cyber attacks, said Rep. Silvestre Reyes (D-TX), who chairs the intelligence committee. "Everyone stands to benefit from an improved two-way information flow."


Cyber Attack Data-Sharing Is Lacking, Congress Told