Feds Must Own Command-and-Control while Championing Public/Private Cooperation

Last week I wrote a blog suggesting that IT professionals and legislators read the new book, “Fatal System Error,” by Joseph Menn. This recommendation was based on my belief that most people don’t understand the scope of sophistication of current cyber threats and we need more government and private sector action and cooperation immediately.

I received an interesting comment from someone who classified him or herself as a libertarian. While this person suggested that he or she would read the book, they expressed great apprehension about “big government” getting involved. The fear is that the government will simply turn cybersecurity into a gravy train, spend inordinate amounts of money, and never meet its responsibility or mission objectives.

I certainly share some of this reader’s apprehension and can point to a number of government cybersecurity snafus that have gone nowhere and cost hundreds of millions of dollars. Nevertheless, I continue to believe that the Federal Government must lead the way. Why? Rather than write down my rationale, I suggest that readers do a bit of digging on a simulated exercise by the Bipartisan Policy Center called “Cyber ShockWave.” You can watch video of the proceedings at YouTube (http://www.youtube.com/watch?v=tfv5JASJxbA).

In this exercise, expert participants simulated a series of sophisticated cyber attacks on the U.S. If real, these attacks would cause massive economic damage while disrupting our daily lives in a big way. Pretty ugly.

In my humble opinion, attacks like these are the cyber equivalent of Hurricane Katrina. Yes, the government can totally screw up as it did with New Orleans and Katrina, but the private sector has no capacity to fill this void. It’s DHS or bust in both cases.

We citizens need to demand that the Feds get their cybersecurity act together but also hold legislators accountable for their actions and spending.
We need the government to be prepared for an event like Cyber ShockWave and soon — before it actually happens.