Cybersecurity Framework's Three Main Points Highlighted by US Treasury Official
Recent cyberattacks on major U.S. retailers have pushed the discussion of cybersecurity and digital transparency to not only the front pages, but also the political sphere. Highlighting the U.S. government's increased involvement in advancing the nation's digital infrastructure, U.S. Treasury official Amir-Mokri explained why it is important for the Obama administration to be involved in the fight against cybercrime Wednesday.
After thanking the Securities Industry and Financial Markets Association for hosting him, Assistant Secretary for Financial Institutions at the U.S. Treasury Department Amir-Mokri went on to explain to elaborate on three key points concerning the intent of Executive Order 13636 titled "Improving Critical Infrastructure Cybersecurity." The order, signed by President Obama's hand Feb. 12, 2013, resulted in a year-long data-collecting spree by the Department of Commerce's National Institute of Standards and Technology. The White House followed up with the release the Cybersecurity Framework in February this year, providing a skeletal outline for improving responses to cyberattacks.
"I'd like to start with a few fundamental observations about our collective cybersecurity efforts. The first is just that: our cybersecurity efforts are collective, and it is important that they remain so. The endeavor is collective along several dimensions. It is, for example, a 'whole of government' effort. To illustrate: even though Treasury is the financial sector's 'sector specific agency.' Treasury can be effective only if it works well with other government agencies, including the financial regulators, law enforcement, homeland security, and the intelligence community," Amir-Mokri said.
"As President Obama's Executive Order implies, it is important for the government to share information and provide technical assistance to the private sector. At the same time, as the Executive Order also implies, it is important for the private sector, including firms both small and large, to do its part in maintaining robust cybersecurity resilience and readiness."
Amir-Mokri also added that cyberthreats are not something to be trifled with -- they are becoming more prolific and a larger threat to the American public.
"My second observation is that our vigilance must be persistent and sophisticated because the threats are persistent and increasingly sophisticated," Amir-Mokri continued. "Finally, there will be no silver bullets. So long as we rely on information technology in the pervasive way we do today, cybersecurity will remain a priority."
Security firm McAfee's Threats Report for the fourth quarter of 2013 discovered over 200 new cyberthreats per minute, or more than 3 second.
Cybersecurity has been recently thrust into the spotlight thanks to a serious of cyberthefts that were uncovered late last year. Retailers Target, Neiman Marcus, and Michaels were all hit, but Target's security breach was the worst. The current tally indicates 110 million Americans were affected.
Around 40 million credit card records and another 70 million personal records were siphoned out of Target's databases. Recent news indicates that Target was actually warned about then security breach, but failed to act on the red flags. Target also issued a statement last Friday stating things might be worse than realized.
"Our investigation of the matter is ongoing and it is possible that we will identify additional information that was accessed or stolen, which could materially worsen the losses and reputational damage we have experienced," Target said in its 10-K report filed with the Securities and Exchange Commission Friday.
Subscribe to Latin Post!
Sign up for our free newsletter for the Latest coverage!