Cybersecurity Collaboration and the Key to Securing Our Critical Infrastructure

The scale and complexity of the SolarWinds, Microsoft Exchange, and Colonial Pipeline cybersecurity breaches necessitated a “whole-of-government” action plan. To establish a primary method for coordinating between and among Federal agencies, the Administration tasked two Unified Coordination Groups (UCGs) with developing the Federal response. 

Comprised of Federal officials from the Federal Bureau of Investigation (FBI), the Cybersecurity and Information Security Agency (CISA), the National Security Agency (NSA), and the Office of the Director of National Intelligence (ODNI), the two UCGs intended to unify the individual efforts of the Federal agencies as they implemented separate responses. The Administration also enlisted private sector partners to join and advise the UCGs, signaling a Federal commitment to increase similar collaboration strategies. 

“This Administration is committed to working with the private sector to build back better — including to modernize our cyber defenses and enhance the nation’s ability to respond rapidly to significant cybersecurity incidents,” said Anne Neuberger, the deputy national security adviser on cybersecurity and emerging technology on the National Security Council. Cybersecurity professionals have long noted the benefits of increasing this type of private and public sector cooperation. Even prior to the creation of the two UCGs, the government’s Cyberspace Solarium Commission advocated in its 2020 report that Federal agencies and the private sector “must arrive at a new social contract of shared responsibility to secure the nation in cyberspace.”

Information Sharing and Collaborative Relationships

“We have to look at cybersecurity from multiple layers, including national security, economic resiliency, and fairness of opportunities,” said Parham Eftekhari, Senior Vice President and Executive Director of the Cybersecurity Collaborative and Founder and Chairman of the Institute for Critical Infrastructure Technology (ICIT), a leading cybersecurity think tank. On the recent Corner Alliance cybersecurity webinar, Eftekhari noted that engaging private sector stakeholders expedites innovation, improves information sharing, and enhances Federal and civilian cyber capabilities. “Through automation capabilities and technologies, we absolutely have the opportunity to take what's been codified into law and automate certain processes, leverage information sharing and collaboration so every organization doesn't have to do it all on its own,” Eftekhari said, “it's not an easy solution, but I absolutely think it can be done.” 

Establishing these cooperative channels for information sharing and situational awareness equips Federal partners and private sector stakeholders with actionable intelligence and access to cost-effective resources. By leveraging its ability to intake cybersecurity information from various agencies and intelligence communities, the Federal government can operationalize these channels by briefing private sector stakeholders with detailed insights and potential mitigation tactics of ongoing cyber threats.  The Federal government is uniquely positioned to collect and disseminate cybersecurity threat indicators both because of its convener power and its relationships with state, local, tribal, and territorial (SLTT) governments and private sector actors.

The UCGs demonstrate how these collaborative relationships create detailed cybersecurity strategies, while simultaneously increasing the speed, effectiveness, and agility of the national cyber defense and innovation. Additionally, the structure of the UCGs reflects the reality that a majority of potential targets in cyberspace are private sector entities. These targets that include critical infrastructure could have significant destabilizing effects on national security if they remain susceptible to bad actors.

Securing Our Critical Infrastructure

“We'd be kidding ourselves if we thought, ‘Oh, okay. [SolarWinds] was a big one, but we're okay now,’” explained Lauren Zabierek, the Executive Director of the Cyber Project at Harvard Kennedy School’s Belfer Center. On the Corner Alliance cybersecurity webinar, Zabierek explained that this collaboration between Federal agencies and the private sector remains a pressing issue. “For example, a lot of bad things have happened. Our critical infrastructure could be being mapped. It's more than just stealing information.” Zabierek further explained that the Federal government and its private sector partners must consider strategies to develop new cybersecurity capabilities that could deny a hostile actor the capacity for action. Focusing these cooperation strategies on the ability to hold targets at risk will better equip Federal partners for emerging cybersecurity threats.

Neuberger echoed Zabierek’s comments recently during a Council on Foreign Relations panel. “Even if it’s routine espionage, these threats are still counter to our interests,” she noted. “How do we change our attackers’ calculus to make them think about those hacks they may be doing?”

As Eftekhari noted, the solution will not be easy in its implementation or seamless in its execution. However, increasing this private and public sector cooperation will strengthen the Federal government’s response to cybersecurity incidents, integrate private sector missions into national cybersecurity strategy, and diminish barriers to information sharing across the government and with private sector entities.