Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/2/2008
04:54 PM
50%
50%

Ready For Help From Big Brother?

Cybersecurity is an issue that impacts everyone. The bad guys do not care about whom they hurt as long as they take advantage of someone. So, sentiment is growing for private enterprises and the government to work together against the hooligans.

Cybersecurity is an issue that impacts everyone. The bad guys do not care about whom they hurt as long as they take advantage of someone. So, sentiment is growing for private enterprises and the government to work together against the hooligans.Despite companies and individuals pouring billions of dollars into security products, problems from malware continue to grow: 63 percent of federal, state and local government, and private sector IT executives believe they are under an increased threat this year compared to last year and 82 percent have placed a higher priority on information security this year. The federal government is trying to be more proactive. It has been pushing the National Cyber Security Initiative, a proposal that would set aside more than $30 billion over the next seven to 10 years to improve cybersecurity Yet, what are they going to do with the information gathered once the money is spent? Most companies feel that the government will keep it: in fact, 78 percent of private companies want the government to release more information about cyber threats, according to a survey of 600 users from Symantec.

In general, little information is now shared among private companies, federal and state governments. The survey found that 68 percent of federal, 59 percent of private sector, and 48 percent of state and local respondents call for increased collaboration to improve their responses to cyber threats. Such exchanges could benefit all parties because each is strong in some areas and weak in others. The federal government is leading the charge in preparedness exercises and automating security reporting, areas state and local agencies and the private sector are not as diligent. Cyber attack fire drills are also more common in federal agencies: 63 percent of federal respondents reported their organization has participated in such exercises compared to 39 percent of private sector institutions and 32 percent of state and local respondents. The federal government is also using automated tools more effectively than most organizations: 64 percent of federal respondents have automated threat reporting compared to 44 percent of private sector and 38 percent of state and local respondents.

The bad guys use various Web sites to share information all of the time Web sites. It is time that those fighting them learn to do the same. Working together may not mean an end to cyber crimes, but it may enable the good guys to fight these problems more effectively.

How much interaction do you have with the local government? How about the federal government? What do you see as the pluses and minuses of increased sharing of data among the different organizations?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
Ransomware Is Not the Problem
Adam Shostack, Consultant, Entrepreneur, Technologist, Game Designer,  6/9/2021
Edge-DRsplash-11-edge-ask-the-experts
How Can I Test the Security of My Home-Office Employees' Routers?
John Bock, Senior Research Scientist,  6/7/2021
News
New Ransomware Group Claiming Connection to REvil Gang Surfaces
Jai Vijayan, Contributing Writer,  6/10/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: Zero Trust doesn't have to break your budget!
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31476
PUBLISHED: 2021-06-16
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han...
CVE-2021-31477
PUBLISHED: 2021-06-16
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GE Reason RPV311 14A03. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firmware and filesystem of the device. The firmware and filesystem contain hard-...
CVE-2021-32690
PUBLISHED: 2021-06-16
Helm is a tool for managing Charts (packages of pre-configured Kubernetes resources). In versions of helm prior to 3.6.1, a vulnerability exists where the username and password credentials associated with a Helm repository could be passed on to another domain referenced by that Helm repository. This...
CVE-2021-32691
PUBLISHED: 2021-06-16
Apollos Apps is an open source platform for launching church-related apps. In Apollos Apps versions prior to 2.20.0, new user registrations are able to access anyone's account by only knowing their basic profile information (name, birthday, gender, etc). This includes all app functionality within th...
CVE-2021-32243
PUBLISHED: 2021-06-16
FOGProject v1.5.9 is affected by a File Upload RCE (Authenticated).