Chapter 1. Developing a Clear Set of Action Areas:
3. Community Responses
Research. Cyber resilience or cybersecurity is still a fairly nascent topic, and requires further investment from interested parties to be fully understood and developed. As such, it is important to encourage public- and private-sector efforts to better understand the impact of cyber resilience on enterprises, nations and macroeconomics. This common language development would be helpful in setting priorities and focusing government policies on cyber resilience. Many advancements in this space occurred outside formal institutions. As such, it will be important to create an atmosphere in which counter-attack (“white-hat hacker”) research is not only encouraged but also supported financially.
Shared resource for capability building. Foster partnerships among governments, universities and the private sector to develop skills in this area.
Information-sharing. As one of the core areas of focus identified by the Partnership for Cyber Resilience in 2012, key recommendations surfaced regarding sharing of information:
- Where legally feasible, institutions need to find mechanisms for information-sharing already in existence, either formally or informally.
- Towards that end, it will be critical to improve the quality of the ISACs/CERTs/CIERTs and other information-sharing venues to provide the best variety of options.
- The success of such programs requires the promotion of an interoperable, extensible and automated system for sharing information.