• United States



Government & Private Sector Differences on Cyber Security

Sep 01, 20083 mins
IT Leadership

As the election stories heated up during August, a number of articles appeared around the country regarding roles and responsibilities in cyberspace – and especially on cyber security. While everyone wants more money, two different camps have different approaches to the question:  Should the government do more? 

Check out this LA Times article entitled: Public, private sector at odds over cyber security.  There are many interesting quotes and sub-plots to this story. Take, for example Jerry Dixon’s comments:

“Nothing is happening,” said Jerry Dixon, the former director of the National Cyber Security Division at the Department of Homeland Security. “This has got to be in the top five national security priorities.”

What makes this story interesting is the strange number of role reversals that various people are now playing around the country. It’s hard to keep track of who is changings sides in the debate and who is just hedging their bets as they wait for November 5 and the crowning of a new President. Let me try to explain without getting into too many details…

  The traditonal view has been that Republicans have a hands-off approach when it comes to things like the Internet. They argue that 85% (or more) of the Internet is privately held, and that the government should allow the private sector to largely run the show. The government role is to support public-private opportunities and to work together where it makes sense.

  Meanwhile the Democrats (supposedly) want more government action. This can equate to more regulation, more mandatory compliance, and increases in infrastructure investments (allocate dollars) to make things better and more secure.

Of course, these stereotypes never work exactly, and there are individual exceptions. The Bush Administration is making large investments in the cybersecurity initiative for federal government security, but that is too little too late for many cyber security critics.

No doubt, there is plenty of wiggle room for everyone, and this is not entirely a new issue.  In my experience with the Department of Homeland Security (DHS), the relationship between the public and private sectors has been excellent. They work together well, and up until recently, the majority of experts were on board with DHS strategies. That being said, cyber crime has grown significantly worse over the past several years.

Just as every Monday morning quarterback in America analyzes their football team’s good and bad plays from the weekend before, there are many items to praise and items to complain about regarding federal, state and local government  IT efforts.  That is, just because I complain about Michigan State’s loss to Cal this weekend and the number of poor plays, doesn’t mean that I’m not a loyal fan.

Still, there are many ways to win a football game. There are also many different ways to organize our Internet governance and security efforts. We’ll know a lot more about those plans and the next four years in November.      


Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist and author. During his distinguished career, Dan has served global organizations in the public and private sectors in a variety of executive leadership capacities, including enterprise-wide Chief Security Officer (CSO), Chief Technology Officer (CTO) and Chief Information Security Officer (CISO) roles in Michigan State Government. Dan was named: "CSO of the Year," "Public Official of the Year," and a Computerworld "Premier 100 IT Leader." Dan is the co-author of the Wiley book, “Cyber Mayday and the Day After: A Leader’s Guide to Preparing, Managing and Recovering From Inevitable Business Disruptions.” Dan Lohrmann joined Presidio in November 2021 as an advisory CISO supporting mainly public sector clients. He formerly served as the Chief Strategist and Chief Security Officer for Security Mentor, Inc. Dan started his career at the National Security Agency (NSA). He worked for three years in England as a senior network engineer for Lockheed Martin (formerly Loral Aerospace) and for four years as a technical director for ManTech International in a US / UK military facility. Lohrmann is on the advisory board for four university information assurance (IA) programs, including Norwich University, University of Detroit Mercy (UDM), Valparaiso University and Walsh College. Earlier in his career he authored two books - Virtual Integrity: Faithfully Navigating the Brave New Web and BYOD For You: The Guide to Bring Your Own Device to Work. Mr. Lohrmann holds a Master's Degree in Computer Science (CS) from Johns Hopkins University in Baltimore, Maryland, and a Bachelor's Degree in CS from Valparaiso University in Indiana.

More from this author