Recent Cyber Events Highlight the Need for Public-Private Partnership

ISAO Standards Organization

Stuart M. Gerson, a Member of the Firm in the Litigation and Health Care & Life Sciences practices, in the firm’s Washington, DC, and New York offices, contributed content for the Information Sharing and Analysis Organization Standards Organization (ISAO SO), a non-governmental organization involving public-private cooperation, established October 1, 2015, pursuant to a Presidential Executive Order.

Mr. Gerson authored an article, titled “Recent Cyber Events Highlight the Need for Public-Private Partnership,” the first op-ed in a new monthly series by ISAO SO working group members focusing on current topics impacting the Information Sharing Ecosystem.

Following is an excerpt:

“We must all hang together, or assuredly we shall all hang separately.” Benjamin Franklin

The freedom to innovate, which our dynamic society has allowed, has made America the world’s most developed and complex technology and information driven society. And from its periphery to its cyber core, America has proved vulnerable to successful attack by adversary nation states both directly and through their sponsored or protected surrogates.

Most recently, the Colonial Pipeline ransomware attack took down the largest gasoline pipeline in the country. With delays to service stations curtailed, local panic caused runs on the existing supply, leading to shortages and risk to the free flow of commerce and our economy, and perhaps not abstractly, our ability to respond to national and international crises.

Not too long before that, we experienced the Solar Winds hack that compromised an estimated hundred companies, including technology giants like Microsoft, Intel and Cisco, and at least a dozen agencies of the federal government, including the Departments of Defense, Treasury, Justice and Energy, and even the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) which was formed to protect the nation from cyber attack.

Add to that mix, the reported $40 million ransom that the CNA insurance company paid to ransomware criminals, and you get a strong sense of the fact that you get the inescapable conclusion that there is a shared problem that requires a shared solution.

Thus, it is no surprise that a new report from the Office of the Director of National Intelligence describes challenges facing the United States in cyberspace. The report cites Chinese cyber espionage and growing offensive capabilities, Russian willingness to engage in disruptive and potentially devastating cyber attacks, and ongoing threats from Iran, North Korea and criminal syndicates.