Global partnerships led by U.S. and overseas private sector partners will be critical to addressing cyber threats aimed at exploiting known vulnerabilities in critical infrastructure networks, according to U.S. and international government officials speaking at a cyber conference on Wednesday.

Leadership from the Department of Homeland Security, State Department and international cyber organizations urged industry attendees at the Billington International Cybersecurity Summit to assist in information sharing and capability development initiatives to thwart future cyber attacks.

Panel on global cyber threats at the Billington International Cybersecurity Summit. Photo: Matthew Beinart.
Northrop Grumman fellow Dr. Dennis McCallam moderates a panel on global cyber threats at the Billington International Cybersecurity Summit. Photo: Matthew Beinart.

“Due to the interconnected nature of the Internet and information communications technologies, it’s vital that we think of the international aspects of it, because we need to cooperate together. Not just with governments, but with the private sector as well to address this,” Robert Strayer, the top State Department cyber official, said during a panel on global cyber threats. 

Strayer reiterated the view in previous Intelligence Community assessments that the four main nation-state cyber actors–China, Iran, North Korea and Russia–are continuing to go after known software vulnerabilities with commercial malware.

International private sector partners will be counted on for information sharing opportunities to more rapidly identify vulnerabilities they discover in their networks, according to Strayer.

John Felker, director of DHS’ National Cybersecurity and Communications Integration Center, wants to see further discussion with allies on bringing in the private sector perspective to improve cooperation in defending against major cyber attacks.

“We need to strike a balance here that allows us to share in a trusted environment so that we all know what’s going on. At the end of the day, you cannot survive by yourself. It’s not possible. We need to create structures and processes to allow us to share both with our critical infrastructure private sector partners and with our international partners the information that can be gathered through the work that we do,” Felker said.

Cyber officials from Estonia and Sweden joined Felker and Strayer on their panel to urge industry partners to get on the same page as their respective governments to keep up with rapidly growing threat vector.

“In the coming future, we have to deal with these types of vulnerabilities more and more. Of course, we can talk about these buzzwords like artificial intelligence and quantum computing. But at the end of the day, we have to face the already existing vulnerabilities and deal with them,” Taimar Peterkop, Estonia’s director general of information system authority, said. “Cyber is different from the conventional areas of security in the sense that it’s really very difficult to predict what’s coming in the future. So everything we can predict and learn from is very little, because every week we learn something new about an enabled threat.”

Strayer, who leads the State Department’s top cyber office, told Defense Daily he expects his department to continue with a reorganization effort initiated in February by outgoing Secretary of State Rex Tillerson, which aims at consolidating future cyber diplomacy efforts (Defense Daily, Feb. 6).

CIA Director Mike Pompeo has been nominated to succeed Tillerson. Strayer said he has not received input on the possible new secretary’s view regarding the cyber reorganization.

A second panel on cyber exercises, including the DHS-led Cyber Storm, highlighted the potential for global cooperation to test out information sharing and network protection capabilities.

John Foti, a former DHS official and current Booz Allen Hamilton [BAH] senior executive, cited the importance of previous Cyber Storm global exercises in helping establish the scale for sharing classified information on a bilateral level.

“We would have multiple countries running full-scale Cyber Storms all at once with their private sector, our private sector, and it was great in terms of how much activity was going on. But what we could track and fix, we got lost in,” Foti said. “What we’ve done is work with our international partners in the planning process, and now what happens is we have more of the national cyber centers talking during the exercise.”

Atsushi Karimama, an official with Japan’s National Center for Incident Readiness and Strategy for Cybersecurity, said industry partner participation was vital for his country’s ability to transfer critical vulnerability information needed to protect critical infrastructure networks.

A 2006 critical infrastructure cyber exercise had 90 participants and the latest event in December 2017 had 2,600 participants, according to Karimama.

DHS lead cyber security official Jeanette Manfra reiterated during her remarks at the summit that international cooperation will be a key factor to ensuring the cyber security of the global supply chain.

“Threats in cyberspace are not bound to national borders. Our networks, and the critical infrastructure they support, are integrated into a global cyber ecosystem. This reality makes our usually domestic mission inherently international,” Manfra said.