Friday, September 17, 2010

SmartContracting Blog Meets Smart Contracting Caucus, Learns about Cybersecurity Challenges

Speakers from two PSC member companies, SRA and Mircosoft, were on Capitol Hill Sept. 16 to explain the challenges facing the public-private partnership fighting cyber threats. They participated in a special meeting of the House Smart Contracting Caucus (LOVE the name!) hosted by caucus member Rep. Gerry Connolly, VA-11.

 
According to the Office of the Director of National Intelligence, cybersecurity is one of the top threats to our national security. Connolly and the panelists—Patrick Burke, senior vice president for offerings and products with SRA; Jerry Cochran, chief cybersecurity architect for Microsoft Public Sector Services; and Jessica Herrera-Flanigan, partner at Monument Policy Group and member of the CSIS Commission on Cyber Security for the 44th Presidency—were in general agreement that among the top hurdles facing both government and industry in tackling this threat are:

 
  • Inadequate information sharing between the sectors to ensure threats are addressed in a timely manner;
  • A shortage of public and private sector employees with the skills necessary to stay abreast of the ever-evolving, global threat;
  • Undefined leadership roles and responsibilities among agencies and contractors; 
  • A lack of a common lexicon regarding cybersecurity terminology and threats; and
  • No broad policy for assessing and managing the risk to government and private sector systems.


All agreed that these challenges have long faced both the public and private sector. This Congress has attempted to address these matters through legislation, but none has passed to date. Some of the bills would take important steps to clarify leadership in the executive branch, define the roles and responsibilities of the public and private sectors, and establish compliance reporting structures. According to Connolly, it is unlikely that any of the bills will pass Congress before or after the election.

 
That means the government and private sector will have to start the entire process from scratch in the new Congress. Meanwhile, the cyber threat continues to evolve and the government and private sector continue to fight it as best they can.