Data protection has become a critical issue among government agencies in recent years as public sector organizations increasingly adopt technology such as the cloud and mobile. The European Union is currently looking at ways to strengthen security across companies and countries, so it should not come as a surprise that the White House has issued a new framework for agencies and departments to facilitate cybersecurity information sharing. CSO Online said the National Strategy for Information Sharing and Safeguarding may be a small step, but it is an important one for the U.S. government, as lawmakers have struggled with crafting effective regulations for sharing data between the government and private industries.
"Congress failed this year in passing legislation that would have required utilities and others responsible for the nation's critical infrastructure, such as the power grid and water filtration systems, to share information with federal officials," the website said. "While lawmakers are expected to revisit the issue next year, the guidelines released Wednesday will begin the process of government entities setting up data-sharing mechanisms. While the document doesn't specifically address cyber-attack data, it would be included in the government's efforts."
Murray Jennex, an associate professor at San Diego State University, told CSO Online that this is a good first step for the U.S. He believes that other agencies will open up with what is happening with them, which means the National Security Agency and Federal Bureau of Investigations will be able to freely pass on important pieces of information.
While Jennex and other professionals believe there are areas where this will fall short, such as sharing classified information that may help data security, the news source suggested there still needs to be a more comprehensive set of guidelines for declassifying cyberattack data.
What this agreement will do
In the meantime, this report said that national security will be improved by the ability to share "the right information, with the right people, at the right time" and will foster collaboration between state, local, private sector, foreign partners and other bodies to help improve data security across the board. This information should be viewed as a "national asset," according to President Barack Obama and his administration in the report. While this may be a small step, it may be the first of many, according to CSO Online, as organizations in the private sector may be reticent to share breach information for fear of lawsuits or compliance fines.
The report outlines several goals, including::
- Adopt common processes where possible
- Develop policies for making information available to only the individuals who need it
- Make sure networks are interoperable
- Build security through structural reform, policy and technical solutions
- There must be safeguards to protect civil rights and privacy across the board
Other steps being taken
The White House announced last year there would be a number of new steps to help keep classified and government networks safe from unauthorized disclosures and attacks. President Obama signed an executive order with a seven-month review window to help find the right balance between security and sharing information. There is a special committee that looks into information sharing and many departments have already taken steps to make sure classified information is protected on mobile devices, computers, networks and other places.
"Our nation's security requires classified information to be shared immediately with authorized users around the world but also requires sophisticated and vigilant means to ensure it is shared securely," says President Obama's order, according to the news source.
Security News from SimplySecurity.com by Trend Micro.