The Department of Homeland Security released its first Quadrennial Homeland Security Review late Tuesday in which it argued persuasively that much more should be done to improve the U.S. cybersecurity posture over the next four years.
While the document declares itself to be more focused on strategic visions rather than tactical steps, in many ways it reads like a gigantic to-do list that still needs to be fleshed out. For example, the report says the private sector needs to come up with “guidelines, codes, rules, regulations, and accepted standards” to ensure network and data integrity, while at the same time ensuring “confidentiality, integrity, and availability of systems, networks, and data without impairing innovation, and while ensuring privacy.”
That’s both a nice recap of the problem facing network operators and a goal to which they can aspire. What’s missing is more specific guidance on all the nitty-gritty work and decisions on how to get there.
What seems clear from the tone of the report is that the government will continue to rely on a partnership model for implementing better cybersecurity measures, rather than relying on top-down government mandates, and will strive for better information sharing between the feds and industry.
How DHS and the private sector put more meat on this bone will be our story of the next four years. -- JC
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment