US National Cyber Director: Toward a New Cybersecurity Social Contract
In a Black Hat Asia keynote Fireside Chat, US National Cyber Director Chris Inglis outlined his vision of an effective cybersecurity public-private partnership strategy.
May 16, 2022
The future of cybersecurity public-private partnerships (PPP) will be about sharing efforts and pooling resources to provide a common defense, explained US national cyber director Chris Inglis during a fireside chat at Black Hat Asia.
Inglis called it a "new social contract" and defined the joint work that lies ahead for both government and business to protect their interests. It should be a "collaborative, not a division of effort," he told moderator and Black Hat founder Jeff Moss. He added that it's up to businesses to build secure systems from the start rather than being "the poor soul at the end of the supply chain."
Building a Defensible System
In return for adding the cost of security into the design and build phase, these companies won't be left alone when it's time to respond to threats.
"We have to build a defensible system," Inglis said. "And in a collaborative fashion, we are going to defend it."
Market forces are pushing companies toward that model, but not fast enough, Inglis said, with the assurance that any regulation will be with the "lightest touch" by government.
Business as a Government Cybersecurity Collaborator
He added that since the Russian invasion of Ukraine, the US government has shared intelligence with the private sector to help defend their systems against cyberattacks. Inglis also lauded the action by Microsoft to roll out a patch against the Russian wiper virus used in attacks against Ukraine, but warned that it's imperative that we not "conflate geography with risk."
For instance, blocking Putin from platforms is different than blocking the wider Russian population, which has happened on TikTok, Netflix, Facebook, and many others.
Inglis also expressed that the private sector should demonstrate that is has an interest in protecting privacy and providing more transparency into their businesses.
Ultimately, the relationship between business and government is evolving.
"Today, there are instances where the private sector is the supported organization and the government is the supporting organization," Inglis said. "This is a new social contract, but we've done this before. It's about allocation of responsibility across the entire ecosystem."
Read more about:
Black Hat NewsAbout the Author
You May Also Like
Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024The Unreasonable Effectiveness of Inside Out Attack Surface Management
Dec 4, 2024