Eric Rosenbach, deputy assistant secretary of defense for cyber policy, said that streamlined information sharing between the government and the private sector would benefit efforts to protect the nation from a cyber attack.
Rosenbach said at a panel discussion during the Security Innovation Network’s annual conference that, while he and his colleagues have a mandate to defend the nation from cyber attack, the process is complex.
“One of the key aspects is … being able to see an attack coming, … and the only way you’re going to be able to do that is from information that almost certainly comes from the private sector in addition to intelligence sources,” Rosenbach said.
Legislation is the “nudge” DOD and its partners need to standardize the information-sharing policy process in light of the volume of information traded between the government and private sector, Rosenbach said. A proactive approach within the law, he added, can minimize haphazard information sharing and cybersecurity once a threat is detected.
“We spend a lot of time trying to reform [the Foreign Intelligence Surveillance Act] to put in a legal parameter … that would allow the federal government to do the things we need it to do in terms of surveillance and warning,” he said.
Precision and clear roles and responsibilities, such as the Department of Homeland Security leading domestic cybersecurity, can enable optimal collaboration among the departments and services while teaming with the private sector, he added.