Cybersecurity efforts are still taking place in silos, and this needs to change if any progress is to be made, says David Blunkett MP, chairman of the International Cyber Security Protection Alliance (ICSPA).
“We need to overcome the silo approach to security in the cyber world, just as we did in the physical world, when people realised the police could not do their work without the help of other agencies,” the former home secretary told Computer Weekly.
“It is no longer enough to have collaboration in government, law enforcement and business silos. All three elements have to come together,” he said.
Businesses, particularly corporates and multinationals, also need to recognise that they all have a role to play in information assurance, and it is time to move from just talking to government to working out exactly how they can assist each other, said Blunkett.
“Businesses must see that they are all in this together, that they have a common cause and that they have an enormous opportunity to influence governments across the world. The better ones get it, but many don’t, and they become the weakest link in the chain,” he said.
Ideally, Blunkett said businesses with cybersecurity expertise should be passing on awareness and best practice to those that do not. “Businesses need to think more broadly about how they can join up and act in concert,” he said.
The challenge facing government is how to tap into the expertise of individuals in business, he said, because the people in the know are likely to be the ones who are bidding for government contracts, and will therefore be disqualified from being part of the solution.
“We have got to get over that so we can use, on an ongoing basis, the substantial expertise across boundaries, because many of these companies are international,” he said.
At the bare minimum, Blunkett said businesses must get involved, then the next stage is getting some perspective on the benefit to the business of wider collaboration and working out what they can contribute and what they expect to take away.
“If we can get people thinking like that, they will not just ask what is the solution, but what are we going to do together to take some strides forward,” he said.
Blunkett praised projects such as the Commonwealth-led cybercrime initiative ComNet that put together issues of governance and co-operation with the positive outcome of helping those who are willing to be helped.
“If we can work out in other spheres of life how to get major players involved in politics and government, we should certainly be able to do it with cybersecurity and information assurance, but we have only just begun,” he said.
Dialogue between the state and commercial companies is just one of the topics Blunkett will tackle in his keynote presentation at GovNet’s Cyber Security 2011 conference in London on 29 November.
The presentation, entitled Security and Freedom in the Cyber Age, will also touch on ensuring security in cyberspace, the rules of engagement for cyber weapons, and government initiatives on cybersecurity.