By Matthew DeChant, CEO of Security Counsel
In late January, two days into the new administration, the Department of Homeland Security sent out a memo dismissing all private sector experts from its advisory committees, including the Cyber Safety Review Board (CSRB). For years, these committees have added essential private sector expertise to government responses to attacks and vulnerabilities, and helped protect critical infrastructure largely owned by companies and not controlled or directly protected by the government.
Healthy democracies were never intended to be solely run by political insiders, and the famous phrase that embodies this is “government of the people, by the people, for the people”. The current administration, in its mission to shrink the size of the federal government, has targeted some of our long-standing cybersecurity public-private partnerships for downsizing or outright disbandment.
This decision disrupted many ongoing investigations, including that of the Salt Typhoon attacks on American telecom providers. But the dismantling of these advisory committees creates deeper problems not only for the U.S., but for the future of the cybersecurity field. These partnerships gave the government the ability to understand and combat cyber threats in ways it otherwise could not spend U.S. tax dollars on, and with commercial skills that many government employees don’t have today.
Where Does This Leave The Future of Public-Private Security Alliances?
Short term, we the people probably won’t see an immediate effect. These experts know each other, and still likely have their personal cell phones and email addresses. They will see each other at conferences and may even be friends. But when experts are needed to address an attack, such as one that is especially fast and unknown, like a zero-day exploit, they may not be quick to find.
Longer term, the dismantling of these partnerships will slow down the government’s response time as these experts retire or refocus their volunteer time on other organizations that express a greater willingness to collaborate. In many cases, they may no longer be available at all. This will affect the overall ability of the government to respond in time to prevent serious and lasting damage to our government and country.
Where we will see an even greater impact is down the road generationally. Keep in mind, one of the main benefits of these public-private partnerships was that the best experts in the cybersecurity field are almost assuredly privately employed, with the private sector paying an average of 14% higher salaries than the government. Those who served on these committees may be too expensive to work directly for the government, but they feel a sense of duty to provide their expertise to the country, and in fact their private sector-specific experience is immensely valuable in protecting our nation’s systems and critical infrastructure. With less interest in the private sector in mentoring and encouraging a younger generation to “give back” and work with the federal government, we will inevitably see less willingness to do so, or even less understanding that this is how democracies normally function. This will lead to a larger and larger knowledge gap between the public and private sectors. Given the state of global political dynamics and uncertainty, we need vigilance more than ever now, not complacency and learned helplessness.
Private and Public Cybersecurity Experts Must Stay Committed to Our National Security
Whatever the future political landscape looks like, we need all people: private cyber experts, dedicated governmental employees, citizens, and even political enemies, to do their part and keep this country safe from attacks, both foreign and domestic. As another phrase goes, “security is everyone’s responsibility.”
Let’s work together to reestablish these partnerships in whatever capacity we can, so we the people have a safe, productive space to collaborate and keep up the good fight.
Author Bio:
Matthew DeChant is the CEO of Security Counsel, an information security management consultancy. Matt has 25 years of experience building information technology and security programs. As an in-house CISO and through Security Counsel, Matt has managed the creation of cybersecurity programs for numerous clients and their executive teams, corporate boards, and high-net-worth individuals. He leads response events and conducts tabletop exercises with his clients to help them prepare for their potential worst-case scenario cybersecurity events. He is part of numerous cybersecurity best practices committees & boards and is passionate about supporting quality cybersecurity education.