For years, cybersecurity experts have expounded on the need for a “public-private” partnership to protect critical infrastructure, financial institutions and other targets of attackers.
But a new report from the Internet Security Alliance suggests the approach thus far has been backward: It should really be a “private-public” partnership.
“The public sector is leading the way, where it really should be the private sector that takes the lead,” said President Larry Clinton.
The ISA’s report, “Implementing the Obama Cyber Security Strategy via the ISA
Social Contract Model,” says the private sector has had little incentive to take on that leadership role.
The report defines cybersecurity not as a technical or tactical problem, but as an economic and strategic one. To bring the private sector to the point of leading, the government needs to switch its focus from regulation to incentives.