State and local governments have a leg up when it comes to strengthening their cybersecurity posture, says Peter Mosmans, an international private sector cybersecurity consultant and pen tester.
Government collaboration is somewhat more different than the private sector, Mosmans says on a StateScoop podcast. You often have a competitive relationship and you don’t want to spill your proprietary information or any information, for that matter. Companies in the private sector are more hesitant to share that information, as opposed to the state and government level.
Mike Hussey, the chief information officer of Utah, says on the podcast that his ability to share and partner with agencies makes his cybersecurity stronger.
When you have a cooperative of 50 states or even cities and counties joining together, you certainly get to share the intelligence thats among all of those communities and level or raise the level of the boats in all of the harbor here, Hussey says.
In his state, Hussey says he relies heavily on the Multi-State Information Sharing and Analysis Center an initiative funded by the federal Department of Homeland Security and housed at the Center for Internet Security to disseminate information to state agencies as well as local governments in Utah.
We develop those relationships with the counties and the cities and begin to bond together and find improvement because of the synergy that happens between all of us together, Hussey says. You start to see a little more proactive approach because now you’re catching [things like ransomware] earlier in the process.
For Mosmans, its that level of collaboration that gives the public sector an advantage. The private sector, however, has had the opportunity to cooperate more without necessarily sharing proprietary information.
It used to be that only security professionals were the people that were actually invested in security and looking around for new knowledge and new intelligence, Mosmans says. People now more see the necessity themselves. It more becomes a shared thing as opposed to a specialized thing.
On the podcast:
What to listen for:
This podcast was produced by StateScoop and underwritten by Pluralsight.
Learn more about how Pluralsight can help you build a stronger cybersecurity workforce.