US Cyber Director: Forging a Cybersecurity Social Contract Is Not Optional

In a Black Hat Asia keynote fireside chat, US national cyber director Chris Inglis outlined his vision of an effective cybersecurity public-private partnership strategy.

BLACK HAT ASIA – The future of cybersecurity public-private partnerships (PPP) will be about sharing efforts and pooling resources to provide a common defense, explained US national cyber director Chris Inglis during a fireside chat at Black Hat Asia.

Inglis called it a “new social contract” and defined the joint work that lies ahead for both government and business to protect their interests. It should be a “collaborative, not a division of effort,” he told moderator and Black Hat founder Jeff Moss. He added that it’s up to businesses to build secure systems from the start rather than being “the poor soul at the end of the supply chain.”

Building a Defensible System
In return for adding the cost of cybersecurity into the design and build phase, these companies won’t be left alone when it’s time to respond to threats.

“We have to build a defensible system,” Inglis said. “And in a collaborative fashion, we are going to defend it.”

Market forces are pushing companies toward that model, but not fast enough, Inglis said, with the assurance that any regulation will be with the “lightest touch” by the government.

Business as a Government Cybersecurity Collaborator
He added that since the Russian invasion of Ukraine, the US government has shared intelligence with the private sector to help defend their systems against cyberattacks. Inglis also lauded the action by Microsoft to roll out a patch against the Russian wiper virus used in attacks against Ukraine, but warned that it’s imperative that we not “conflate geography with risk.”

For instance, blocking Putin from platforms is different than blocking the wider Russian population, which has happened on TikTok, Netflix, Facebook, and many others.

Inglis also expressed that the private sector should demonstrate that it has an interest in protecting the privacy and providing more transparency into its businesses.

Ultimately, the relationship between business and government is evolving.

“Today, there are instances where the private sector is the supported organization and the government is the supporting organization,” Inglis said. “This is a new social contract, but we’ve done this before. It’s about the allocation of responsibility across the entire ecosystem.” Read more:

You can also read this: The UK announces nuclear cybersecurity strategy

Leave a Reply

Your email address will not be published. Required fields are marked *