Logo

American Security Council Foundation

Back to main site

Alan W. Dowd is a Senior Fellow with the American Security Council Foundation, where he writes on the full range of topics relating to national defense, foreign policy and international security. Dowd’s commentaries and essays have appeared in Policy Review, Parameters, Military Officer, The American Legion Magazine, The Journal of Diplomacy and International Relations, The Claremont Review of Books, World Politics Review, The Wall Street Journal Europe, The Jerusalem Post, The Financial Times Deutschland, The Washington Times, The Baltimore Sun, The Washington Examiner, The Detroit News, The Sacramento Bee, The Vancouver Sun, The National Post, The Landing Zone, Current, The World & I, The American Enterprise, Fraser Forum, American Outlook, The American and the online editions of Weekly Standard, National Review and American Interest. Beyond his work in opinion journalism, Dowd has served as an adjunct professor and university lecturer; congressional aide; and administrator, researcher and writer at leading think tanks, including the Hudson Institute, Sagamore Institute and Fraser Institute. An award-winning writer, Dowd has been interviewed by Fox News Channel, Cox News Service, The Washington Times, The National Post, the Australian Broadcasting Corporation and numerous radio programs across North America. In addition, his work has been quoted by and/or reprinted in The Guardian, CBS News, BBC News and the Council on Foreign Relations. Dowd holds degrees from Butler University and Indiana University. Follow him at twitter.com/alanwdowd.

ASCF News

Scott Tilley is a Senior Fellow at the American Security Council Foundation, where he writes the “Technical Power” column, focusing on the societal and national security implications of advanced technology in cybersecurity, space, and foreign relations.

He is an emeritus professor at the Florida Institute of Technology. Previously, he was with the University of California, Riverside, Carnegie Mellon University’s Software Engineering Institute, and IBM. His research and teaching were in the areas of computer science, software & systems engineering, educational technology, the design of communication, and business information systems.

He is president and founder of the Center for Technology & Society, president and co-founder of Big Data Florida, past president of INCOSE Space Coast, and a Space Coast Writers’ Guild Fellow.

He has authored over 150 academic papers and has published 28 books (technical and non-technical), most recently Systems Analysis & Design (Cengage, 2020), SPACE (Anthology Alliance, 2019), and Technical Justice (CTS Press, 2019). He wrote the “Technology Today” column for FLORIDA TODAY from 2010 to 2018.

He is a popular public speaker, having delivered numerous keynote presentations and “Tech Talks” for a general audience. Recent examples include the role of big data in the space program, a four-part series on machine learning, and a four-part series on fake news.

He holds a Ph.D. in computer science from the University of Victoria (1995).

Contact him at stilley@cts.today.

Who should be responsible for critical infrastructure’s cybersecurity?

Monday, March 30, 2020

Categories: ASCF News National Preparedness Cyber Security

Comments: 0

New research from industrial cybersecurity company Claroty found that the overwhelming majority of IT professionals believe the government should be responsibility for securing critical infrastructure.

According to Claroty’s new report, “The Global State of Industrial Cybersecurity," 87 percent of U.S. respondents said that it’s the federal government’s responsibility to ensure the security of critical infrastructure, the lowest number among the five countries polled.

“It’s possible that because critical infrastructure is so essential to the function of a nation, individuals believe that it is the sole responsibility of the government to protect these systems," Dave Weinstein, chief security officer of Claroty, told Fifth Domain. "But the reality is that this task is a partnership between the public and private sector — 85-90 percent of our critical infrastructure is owned and operated by the private sector, so they have to take primary responsibility.”

Claroty polled 1,000 IT professionals across the United States, Germany, France, Great Britain and Australia.

The government’s role in protecting critical infrastructure is a controversial issue. Most critical infrastructure is owned by the private sector, and operators are reluctant to give the government more access to their networks for cybersecurity.

But the poll comes just weeks after the release of a comprehensive cyber policy report by the Cyberspace Solarium Commission, which recommended that the federal government and private sector strengthen their relationship through a variety of different programs.

“As a matter of national security, critical infrastructure providers have a special obligation to the government, to the nation,” Tom Fanning, a solarium commissioner and the CEO of gas and electric utility Southern Company, said March 5 at a commission event.

The federal government — particularly through the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security and the National Security Agency’s Cybersecurity Directorate — is trying to improve cyberthreat intelligence sharing between critical infrastructure operators and the feds.

Weinstein said the federal government can improve its relationship with critical infrastructure providers through information sharing and vulnerability disclosure.

“There is a major need for continuous improvement of information sharing across the board as well as communicating the value from the government to the industries and sharing all information available,” Weinstein said. “Through coordinated vulnerability disclosure, the government ... must communicate with the vendors themselves, who are the people who actually manufacture the industrial control systems around the world.”

The Cyberspace Solarium Commission report recommended that the intelligence community review policies that inhibit threat information sharing with the private sector. The report also called for the creation of information sharing platforms to improve communication between industry and the feds.

“It doesn’t just fall on the federal government, and it doesn’t just fall on enterprise organizations,” Weinstein said. "This is an issue that everyone needs to take seriously.”

Photo: A new survey asked IT professionals who they think should be tasked with securing critical infrastructure. (Gerald Herbert/AP)

Link: https://www.fifthdomain.com/critical-infrastructure/2020/03/26/who-should-be-responsible-for-critical-infrastructure-cybersecurity/

Comments RSS feed for comments on this page

There are no comments yet. Be the first to add a comment by using the form below.