The Biden administration seeks ways to better gather and share security intelligence from the private sector, but experts see barriers to success.
As the federal government grapples with Russia and China’s widespread and damaging hacks, the Biden administration is seeking new methods for better early threat detection of these sophisticated intrusions. Both the SolarWinds espionage hack attributed to Russian operatives and the exploits of the Microsoft Exchange server vulnerabilities attributed to China were uncovered by private firms, cybersecurity giant FireEye and Microsoft.
Both attacks originated on servers within the US, placing them out of reach of the National Security Agency’s (NSA’s) powerful detection capabilities, which US law restricts to international activities. The new cybersecurity leadership in the Biden White House is brainstorming methods to establish new early warning systems that combine traditional intelligence agency methods with private sector expertise. The White House announced on March 17 the formation of a task force it calls the Unified Coordination Group consisting of federal and private sector representatives charged with finding a “whole of government” response to the Microsoft Exchange attack.
Reportedly chief among the new approaches is establishing more profound information-sharing methods with the private sector. The concept is to set up a real-time threat sharing mechanism where data could be sent to a central repository and paired with intelligence gathered by the NSA and other intel agencies to provide organizations with more immediate threat warnings.
This article appeared in CSO Online. To read the rest of the article please visit here.