\u00a0 Ever since I became Michigan\u2019s first Chief Information Security Officer (CISO) in 2002, I have noticed a disturbing gap between front line users, security technologists and many senior policy makers. While both public and private sector executives around the globe readily acknowledge the need for various cybersecurity actions in order to safeguard sensitive information and protect critical infrastructure under their control, many misunderstandings still exist between those on the front lines who use or run the networks and those who allocate the resources and\/or set policies. This disunity is being exploited by those who are attacking us in cyberspace.\t\u00a0In my opinion, this cyber gap has been more pronounced in some companies, states and national governments than in others. For example, our Michigan Governor Rick Snyder has a background as CEO of Gateway Computers and he clearly \u201cgets it\u201d when it comes to technology innovation and the cybersecurity risks we face. He has taken strong action to address technology infrastructure improvements as well as improve cyber-awareness and defense. Yes, we still have a long, long way to go here; nevertheless, security colleagues around the country tell me that Michigan tends to be an exception in 2012. And we\u00a0are not an island.\tI believe that this global cyber gap is one of the reasons for the lack of action in Washington D.C. (and elsewhere around the world) regarding cybersecurity legislation or other cyberdefense actions. To be sure, partisan politics are a part of our challenge. However, I have talked with many experts (off the record) who say that they quietly fear that no real change will occur in cyber defense in the USA (or any other nation) until some major incident occurs. Really? Are we just waiting for an inevitable \u201cCyber Pearl Harbor?\u201d Do we need losses on cyber crime to reach a higher percentage of GDP before we say \u201cenough.\u201d \u00a0\u00a0I hope not.\tNo doubt, there have been numerous \u201ccybersecurity call to action\u201d decrees from various authors, state government associations,\u00a0 cyber summits, international student groups, various commissions, and more. Indeed, we now have a cyber summit (or two) every week. This has become the new normal, and few in society even pay attention to urgent Internet decrees or cyber proclamations. At a local level, some companies and governments have responded aggressively after a major cyber breach, and there is an overall sense of cooperation amongst various Information Sharing & Analysis Centers and public \/ private partnerships with law enforcement leaders.\tHowever, we continue to be outgunned and losing more cyber battles every day.\u00a0 Clearly, other issues such as health care and global debt crowd-out cybersecurity on the political agenda, but why the constant lack of significant progress? More than that, our weaknesses go beyond legislation or government action and require every business and home in America to pay attention \u2013 which seems almost impossible. Even in places where things are going well, the task of protecting data and individuals in cyberspace seems daunting.\tWhile I am an optimist who believes that we will eventually get through this lull in significant cyber action, I do sense quite a bit of discouragement and denial in our professional ranks right now. I speak with CSOs, CISOs and security experts all around the world who feel like we are treading water and not progressing. We\u2019re dealing with attitudes and stereotypes of our profession that somehow prevent progress for fear of either \u201cBig Brother,\u201d a loss of customers, too much security or too little privacy or something else.\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\tWhat new steps can to be taken? Is there a \u201cpragmatic middle\u201d in our space? Are there small steps we can all agree on? How can we truly build more trust? I know that there are global cybersecurity agendas and United Nations groups that are meeting on standards and a level of cooperation on cyber crimes. Still, there is a growing group of people that believe that bottom-up change needs to occur that encourages dialogue amongst industry executives, academics and IT pragmatists in a trusted setting.\tWhat can I suggest in the way of a solution?\tEnter: \u201cThe International Cybersecurity Dialogue (ICD).\u201d This is a new non-profit group which is lead by two people who I respect and trust in our profession: Anne Bader and Richard Stiennon. Over the past year, I have been very impressed with the approach taken by Anne and Richard, and I have participated in several international discussions with other experts in the security field who are also involved. Both of these experienced professionals want to dedicate the next few years to advancing our public and private protections via trusted relationships that can cut through traditional barriers. Events and meetings will encourage dialogue around the world regarding core issues that must be addressed and steps to help make conversations meaningful.\tHere\u2019s an excerpt from the ICD website:\t\u201cThe International Cybersecurity Dialogue program includes roundtables, expert briefings, assessment visits, a closing forum and two reports. Meetings and interviews will be off the record as appropriate. Reports, commentary and assessments will be presented through the ICD Forum. Our leadership core group comprises public and private experts in defense, law, finance, energy, telecommunications, transport, insurance, ethics and legislation from US, UK, Estonia, Singapore and Israel. Towards the end of this period, we will expand to other international partners such as Hungary, India, Brazil, Panama, Germany, France, and Australia.\u201d\tThere is more I will report on this topic, along with opportunities to engage in the coming year, but I wanted to get this topic out into the public and hear feedback on this new group. As an advisor to this group, I look forward to new opportunities to exchange ideas and learn from others in different settings.\u00a0 We need to engage the entire ecosystem to come up with new answers moving forward.\tAs Richard Stiennon and Anne C. Bader say on the new website: \u201cWe believe that national policies and laws governing the new cyber domain must be made with the public and private sector technologists who create and manage the networks and systems.\u201d\tNo, this will not solve all our problems. Yes, this is another group to engage with at a time that most of us our too busy. Nevertheless, I am encouraged by my interactions with these colleagues from around the world. The group is planning interactive events that truly encourage dialogue, idea sharing and action. The website offers opportunities to partner and engage others\u00a0who care about\u00a0cybersecurity\u00a0from other cultures. There is also contact information for those who want to learn more.\u00a0\tI believe we need this new international cybersecurity dialogue.\tDo you agree?