The international effort to confront international cybercrime

Cybercriminals obviously do not respect international borders. So it should be equally obvious that the effort to defeat or even slow them down is going to take an international effort, involving both the public and private sector.

Two of the key government players in that effort -- Michael Daniel, U.S. special assistant to the president and cybersecurity coordinator, the White House; and Natalie Black, his UK counterpart as acting director of the Office of Cyber Security and Information Assurance, Cabinet Office -- brought that message to RSA 2015 Thursday in a presentation titled, "There Are No Domestic Cyber Issues: U.S. and UK Leaders on Global Partnership."

[ Follow all CSO's coverage from RSA 2015 ]

Given the evolving nature of cyberthreats, Black said, "We should welcome the opportunity to collaborate.

"The good news is that we're taking cybersecurity much more seriously. We're seeing a recognition that good cybersec is fundamental to effective functioning of society," she said, adding that, "we can't do it alone. There are no islands in cyberspace. To realize benefits and opportunities, we have to work together."

Daniel said his office has laid out three goals:

  • Raise the level of cybersecurity in society as whole, both short and long term.
  • Disrupt and interrupt what criminals are doing in cyberspace.
  • Develop strong incident response and recovery. "We need to be both more resilient and capable," he said.

"And we have to do it not just domestically but internationally," he said. "We need to partner with U.S.-based industry, but also in the international space, the same as we do in other areas."

The two said they are also seeking to align security frameworks like NIST (National Institute of Standards and Technology) in the U.S. and Cyber Essentials in the UK; and to collaborate with CERT (Computer Emergency Readiness Teams) in both countries.

"It's not just talking but exchanging information in machine form and at machine speeds," he said.

Daniel said another focus of collaboration is with all levels of law enforcement. He said the government's takedown last year of the Gameover Zeus botnet involved five federal agencies and required precise timing across multiple time zones.

For the audience, clearly the most contentious issue surrounding talk of "partnership" between government and the private sector in confronting cybercrime is what they perceive as the sharing going mostly one way: They share with government but government doesn't share much with them. And even when it does, there are controls placed on it.

One questioner, who said he works for a firm that has a distributed development environment, said that, "many of the pieces you give us come with flags that say we can't share it."

Daniel said his office is working on that. "We need to recognize threat intelligence as more of a commodity, and not proprietary," he said. "We're trying to push more of it into the unclassified world and make it more sharable."

Join the CSO newsletter!

Error: Please check your email address.

Tags RSA 2015Cabinet OfficeAssurancesecuritylegalCSOmalwarecybercrimeGlobal Partnerswhite house

More about AssuranceCSOCyber EssentialsRSATechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Taylor Armerding

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place